Euro Security logo white
Security vulnerabilities found in industrial IoT

August 12, 2023

Development & Certification

FH St. Pölten students found security vulnerabilities in industrial IoT hardwar

Students of the master’s programme Information Security at the University of Applied Sciences St. Pölten have uncovered security vulnerabilities in industrial IoT (Internet of Things) devices in the course of a course together with the company CyberDanube. The manufacturing companies were informed and have fixed the gaps.

In order to make teaching more practical, students on the IT security degree programmes at St. Pölten UAS regularly search for vulnerabilities in IT components. Last summer semester it was the turn of firmware of networked industrial devices in the Industrial Internet of Things (IIoT).

“The aim of the exercise was to find already known vulnerabilities and to document them accordingly. In addition to the already known vulnerabilities, the students also found new, not yet known, so-called zero-day vulnerabilities in the devices. This is a great experience for students and a remarkable success,” says programme director Christoph Lang-Muhr.

Real devices and digital twins

The analysed devices belong to the category of industrial communication solutions and are used to enable reliable and secure data transmission in industrial environments. Since the students did not have any physical devices available, they worked on so-called “digital twins”, i.e. virtual replications of the networked devices. The devices are from industry-known suppliers. “Phoenix Contact and Advantech are both leading companies in the field of Industrial Internet of Things, or IIoT.

The course was presented and coordinated by the IT security company CyberDanube, which also provided the MEDUSA solution, i.e. the technology & infrastructure for the digital twins. CyberDanube is one of two CNAs (CVE Numbering Authority) in Austria and thus authorised to assign globally recognised vulnerability numbers, so-called CVEs.

“It was a very exciting experience for us to work with particularly motivated students in this field of cyber security. We can also further incorporate relevant findings and experience gained through this into our platform,” says one of the founders of CyberDanube, Mario-Valentin Trompeter.

“These successfully found vulnerabilities show the relevance of research in this area and the practical work and training of students at St. Pölten UAS,” says Lang-Muhr.

Related Articles

Germany’s first AI factory for industry goes into operation in Munich

Feb 21, 2026

Industrial AI infrastructure as a building block of digital sovereignty With the official launch of the Industrial AI Cloud in Munich, Deutsche Telekom is setting an important milestone in industrial policy. In cooperation with NVIDIA and data centre partner Polarise,...

Comforting words from AI are often better received

Feb 20, 2026

Desired partners in crises perform worse in extensive scientific test series Although people prefer compassion that comes from other humans, they find the empathy communicated by artificial intelligence (AI) to be more effective. This was discovered by researchers at...

Share This