AT2k Design BBS Message Area
Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages!

You are not logged in. Login here for full access privileges.

Previous Message | Next Message | Back to Slashdot  <--  <--- Return to Home Page
   Local Database  Slashdot   [78 / 122] RSS
 From   To   Subject   Date/Time 
Message   VRSS    All   Frostbyte10 Bugs Put Thousands of Refrigerators At Major Grocery   September 2, 2025
 7:20 PM   

Feed: Slashdot
Feed Link: https://slashdot.org/
---

Title: Frostbyte10 Bugs Put Thousands of Refrigerators At Major Grocery
Chains At Risk

Link: https://it.slashdot.org/story/25/09/02/209250...

An anonymous reader quotes a report from The Register: Ten vulnerabilities in
Copeland controllers, which are found in thousands of devices used by the
world's largest supermarket chains and cold storage companies, could have
allowed miscreants to manipulate temperatures and spoil food and medicine,
leading to massive supply-chain disruptions. The flaws, collectively called
Frostbyte10, affect Copeland E2 and E3 controllers, used to manage critical
building and refrigeration systems, such as compressor groups, condensers,
walk-in units, HVAC, and lighting systems. Three received critical-severity
ratings. Operational technology security firm Armis found and reported the 10
bugs to Copeland, which has since issued firmware updates that fix the flaws
in both the E3 and the E2 controllers. The E2s reached their official end-of-
life in October, and affected customers are encouraged to move to the newer
E3 platform. Upgrading to Copeland firmware version 2.31F01 mitigates all the
security issues detailed here, and the vendor recommends patching promptly.
In addition to the Copeland updates, the US Cybersecurity and Infrastructure
Security Agency (CISA) is also scheduled to release advisories today, urging
any organization that uses vulnerable controllers to patch immediately. Prior
to these publications, Copeland and Armis execs spoke exclusively to The
Register about Frostbyte10, and allowed us to preview an Armis report about
the security issues. "When combined and exploited, these vulnerabilities can
result in unauthenticated remote code execution with root privileges," it
noted. [...] To be clear: there is no indication that any of these
vulnerabilities were found and exploited in the wild before Copeland issued
fixes. However, the manufacturer's ubiquitous reach across retail and cold
storage makes it a prime target for all manner of miscreants, from nation-
state attackers looking to disrupt the food supply chain to ransomware gangs
looking for victims who will quickly pay extortion demands to avoid
operational downtime and food spoilage.

Read more of this story at Slashdot.

---
VRSS v2.1.180528
  Show ANSI Codes | Hide BBCodes | Show Color Codes | Hide Encoding | Hide HTML Tags | Show Routing
Previous Message | Next Message | Back to Slashdot  <--  <--- Return to Home Page
VADV-PHP
Execution Time: 0.0271 seconds

If you experience any problems with this website or need help, contact the webmaster.
VADV-PHP Copyright © 2002-2025 Steve Winn, Aspect Technologies. All Rights Reserved.
Virtual Advanced Copyright © 1995-1997 Roland De Graaf.
 v2.1.250224