Unpatched Vulnerabilities in Radiation Monitoring Devices

Multiple radiation monitoring systems from major manufacturers remain vulnerable to cyber exploitation, according to IAEA coordinated research and ongoing CISA bulletins. The vulnerabilities—some dating to 2017 disclosures—allow attackers to falsify readings, suppress alarms, or take complete device control.

What this means for practitioners:

• Backdoor passwords in firmware grant highest-privilege access to attackers. These exist in deployed radiation portal monitors at borders and seaports.
• Network-connected monitors transmitting data to central systems create attack surfaces for spoofing normal readings during actual events.
• Legacy systems at some facilities cannot be patched—no updates will be available. Compensating controls are the only option.
• IAEA's 2025 coordinated research project created testbeds and threat models but deployment of defensive architectures remains spotty.

Operational implications:

• Facilities should audit firmware versions against known CVEs in CISA and NIST databases
• Air-gapped or network-isolated configurations reduce remote attack risk
• Incident response plans should include scenarios for compromised monitoring data
• Procurement specifications should include cybersecurity requirements and vendor patching commitments

Confidence: 4/5. Based on IAEA CRP results (October 2025) and historical IOActive research. Specific current exploitation in the wild unconfirmed but vulnerability landscape is documented.

Sources: IAEA CRP Results | Computer Weekly