Pen Test Partners<p>🚫 No fire detection means no going to sea.<br>If you're running the Consilium Safety CS5000 fire panel on board, hardcoded credentials could let an attacker shut it down remotely.<br>&nbsp;<br>As a result, if the system is taken offline, your vessel could be detained, lose its class certification, or be prevented from sailing altogether.<br>&nbsp;<br>There is no patch available. The vendor has stated they won’t fix the issue unless cybersecurity was part of your original contract.<br>&nbsp;<br>If your panel was installed before July 2024, it likely wasn’t designed with modern cybersecurity in mind.<br>&nbsp;<br>Andrew Tierney explains how we discovered the vulnerability, its implications for operators, and the steps you can take to mitigate the risk.<br>&nbsp;<br>📌&nbsp;Read here: <a href="https://www.pentestpartners.com/security-blog/fire-detection-system-been-pwned-youre-not-going-to-sea/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">pentestpartners.com/security-b</span><span class="invisible">log/fire-detection-system-been-pwned-youre-not-going-to-sea/</span></a><br>&nbsp;<br><a href="https://infosec.exchange/tags/MaritimeCyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MaritimeCyberSecurity</span></a> <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityResearch</span></a> <a href="https://infosec.exchange/tags/OTSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTSecurity</span></a> <a href="https://infosec.exchange/tags/FireDetection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FireDetection</span></a> <a href="https://infosec.exchange/tags/CyberRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberRisk</span></a></p>