
Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Numerous Industries

Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could potentially be exploited by threat actors to access sensitive information and achieve code execution.

“These vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and IoT devices foundational to industrial, healthcare, automotive, financial and telecommunications sectors,” Kaspersky said.

Cinterion modems were originally developed by Gemalto before the business was acquired by Telit from Thales as part of a deal announced in July 2022.


The findings were presented at the OffensiveCon held in Berlin on May 11. The list of eight flaws is as follows:

  • CVE-2023-47610 (CVSS score: 8.1) – A buffer overflow vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message.
  • CVE-2023-47611 (CVSS score: 7.8) – An improper privilege management vulnerability that could allow a local, low-privileged attacker to elevate privileges to manufacturer level on the targeted system.
  • CVE-2023-47612 (CVSS score: 6.8) – A files or directories accessible to external parties vulnerability that could allow an attacker with physical access to the target system to obtain read/write access to any files and directories on the targeted system, including hidden files and directories.
  • CVE-2023-47613 (CVSS score: 4.4) – A relative path traversal vulnerability that could allow a local, low-privileged attacker to escape from virtual directories and get read/write access to protected files on the targeted system.
  • CVE-2023-47614 (CVSS score: 3.3) – An exposure of sensitive information vulnerability that could allow a local, low-privileged attacker to disclose hidden virtual paths and file names on the targeted system.
  • CVE-2023-47615 (CVSS score: 3.3) – An exposure of sensitive information through environmental variables vulnerability that could allow a local, low-privileged attacker to obtain unauthorized access to the targeted system.
  • CVE-2023-47616 (CVSS score: 2.4) – An exposure of sensitive information vulnerability that could allow an attacker with physical access to the target system to get access to sensitive data on the targeted system.

The most severe of the weaknesses is CVE-2023-47610, a heap overflow vulnerability in the modem that enables remote attackers to execute arbitrary code via SMS messages.

Furthermore, the access could be weaponized to manipulate RAM and flash memory, thereby allowing the attackers to exert more control over the modem without authentication or requiring physical access.


The remaining vulnerabilities stem from security lapses in the handling of MIDlets, which refer to Java-based applications running within the modems. They could be abused to bypass digital signature checks and allow unauthorized code execution with elevated privileges.

Security researchers Sergey Anufrienko and Alexander Kozlov have been credited with discovering and reporting the flaws, which were formally revealed by Kaspersky ICS CERT in a series of advisories published on November 8, 2023.

“Since the modems are typically integrated in a matryoshka-style within other solutions, with products from one vendor stacked atop those from another, compiling a list of affected end products is challenging,” Evgeny Goncharov, head of Kaspersky ICS CERT, said.


To mitigate potential threats, organizations are recommended to disable non-essential SMS messaging capabilities, employ private Access Point Names (APNs), control physical access to devices, and conduct regular security audits and updates.

The Hacker News has reached out to Telit for more information on the flaws, and we’ll update the story once we hear back.
