I'm no expert in these thingies, but while the multiple hardcoded account/password thing is at best mind boggling, i really don't get it why it's critical.
One would assume that while the devices are connected over a network, that network would be internal and isolated from "bad real world" as much as possible.
Thus, to gain access to a means to exploit these vulnerabilities, you'd have to go INSIDE the place. And if that happened, you already failed. The time it takes to tap the network, scan for devices, take control, and reprogram them is probably as much as it takes to blow the place sky high using conventional means.
Begs the question then, how many facilities went around and made the supposedly isolated (and operation critical) network a part of the general network to "make it easier". Or are they just worried because they now have to go about checking device integrity because it's not something noticeable as opposed to a explosive charge?
My 0.0002c on the former because being lazy and thinking about security after the failure is the norm not the exception.
- +Analysis Microsoft: We're making ONE TRUE WINDOWS to rule us all
- Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
- Pics It's Google HQ - the British one: Reg man snaps covert shots INSIDE London offices
- White? Male? You work in tech? Let us guess ... Twitter? We KNEW it!
- Apple fanbois SCREAM as update BRICKS their Macbook Airs