Synectix LAN 232 TRIO

Plan PatchCVSS 10ICS-CERT ICSA-26-034-04Feb 3, 2026

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

The Synectix LAN 232 TRIO contains an authentication bypass vulnerability (CWE-306) that allows an unauthenticated attacker to modify critical device settings or factory reset the device via network access. The device is classified as end-of-life; Synectix is no longer in business and will not release firmware fixes or security updates.

What this means

What could happen

An unauthenticated attacker can modify critical device settings or factory reset the LAN 232 TRIO, potentially disrupting communications or control functions that depend on this device.

Who's at risk

Water utilities and electric utilities using Synectix LAN 232 TRIO devices for serial-to-network communication or device management. Any facility relying on this device for remote monitoring or configuration of downstream equipment (meters, sensors, RTUs, or legacy serial devices).

How it could be exploited

An attacker with network access to the device can send unauthenticated commands to modify settings or trigger a factory reset without providing credentials. This requires only network connectivity to the device's management port.

Prerequisites

Network access to the LAN 232 TRIO device
No authentication or credentials required

remotely exploitableno authentication requiredlow complexityno patch availableend-of-life product

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (1)

ProductAffected VersionsFix Status

LAN 232 TRIO: vers:all/*All versionsNo fix (EOL)

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDIsolate LAN 232 TRIO devices from untrusted networks using firewall rules; restrict management access to specific authorized IP addresses or engineering workstations only

HARDENINGDisable remote management protocols on the LAN 232 TRIO if not actively required for operations; use local management only where possible

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGMonitor for unauthorized access attempts to LAN 232 TRIO devices; log all management connections and review for anomalies

Mitigations - no patch available

0/1

LAN 232 TRIO: vers:all/* has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGEvaluate replacement of LAN 232 TRIO devices with supported alternatives from vendors still actively maintaining firmware and security patches

CVEs (1)

CVE-2026-1633

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/bc22caa0-5e4a-4aa2-9993-527b18d9df5a

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.