22 critical flaws in industrial bridge devices

Security researchers have disclosed 22 critical vulnerabilities, collectively named BRIDGE:BREAK, in Lantronix and Silex serial-to-IP bridge devices. These flaws enable remote code execution, authentication bypass, and denial-of-service attacks against approximately 20,000 internet-exposed devices. The vulnerable converters are widely deployed in industrial control systems, building automation, and medical infrastructure, where patching is difficult due to requirements for physical access or operational downtime. Open-source scanning has identified thousands of these vulnerable devices, highlighting systemic security challenges in embedded industrial systems.