Critical Flaws In Cinterion Cellular Modems Remote Code


Several critical vulnerabilities have been discovered in Cinterion cellular modems that could allow an unauthorized remote attacker to execute arbitrary code on the affected devices and escalate privileges.

Millions of these devices are deployed worldwide, which makes the exposure widespread.

One of the vulnerabilities has been assigned CVE-2024-47610 and a severity score of 9.8 (Critical).

Kaspersky stated, “Affected vendors must undertake extensive efforts to manage risks, with mitigation often feasible only on the telecom operators’ side.” Kaspersky has also provided mitigation steps for addressing this vulnerability.


Among the vulnerabilities, this one is alarming: it is a heap overflow in the modem’s SUPL (Secure User Plane Location) message handlers.

An attacker can exploit this vulnerability to achieve remote code execution by sending a malicious SMS to the modem’s operating system.

In fact, a threat actor needs neither authentication nor physical access to the affected devices to exploit these vulnerabilities and manipulate RAM and flash memory, leading to complete control of the modem’s functionalities.

Cinterion cellular modems are currently used in many sectors, including industrial, healthcare, automotive, financial, and telecommunications.

There is also a flaw in the handling of MIDlets, the Java-based applications that run on these modems.

Compromising these devices also bypasses the digital signature checks, resulting in elevated privileges.

The other two vulnerabilities that have been identified are CVE-2023-47611 and CVE-2023-47616.

Affected Devices

The list of devices affected by these vulnerabilities is as follows:

  • Telit Cinterion BGS5 (All versions)
  • Telit Cinterion EHS5/6/8 (All versions)
  • Telit Cinterion PDS5/6/8 (All versions)
  • Telit Cinterion ELS61/81 (All versions)
  • Telit Cinterion PLS62 (All versions)

Mitigation

Kaspersky has provided steps to mitigate these vulnerabilities: disable nonessential SMS messaging capabilities and employ private APNs (Access Point Names) with strict security settings.

Additionally, it is recommended that digital signature verification for MIDlets be enforced and physical access to the devices controlled.

For IoT devices, the following steps are recommended:

  • Protecting critical systems with up-to-date threat intelligence
  • Using a reliable endpoint security solution
  • Protecting industrial endpoints as well as corporate ones
  • Installing a security solution that protects the devices from different attack vectors
