Cinterion Modem Vulnerabilities Pose Risks to IoT Devices

Millions of Internet of Things (IoT) devices are currently at risk due to critical vulnerabilities in widely used cellular modems manufactured by Telit Cinterion. The Cinterion modem vulnerabilities have raised concerns about the security of communication networks and IoT devices across sectors such as industrial, healthcare, automotive, financial, and telecommunication.

Telit Cinterion, a prominent IoT technology provider based in Irvine, California, specializes in offering edge-to-cloud IoT services including connectivity plans, IoT SIMs, embedded software, and PaaS IoT deployment managed services. However, the recent discovery of vulnerabilities in their Cinterion modems has brought attention to potential security risks that could lead to global disruptions.

The vulnerabilities were first presented by researchers from Kaspersky at the OffensiveCon international security conference in Berlin. These vulnerabilities include remote code execution (RCE) flaws and unauthorized privilege escalation within user applications (MIDlets) and OEM-bundled firmware integrated with the modems. The most severe vulnerability identified, CVE-2023-47610, allows attackers to execute arbitrary commands remotely through specially crafted SMS messages without any authentication or physical access, potentially compromising the integrity of the devices.

In addition to the RCE vulnerability, researchers also discovered several security flaws in user applications (MIDlets) and OEM-bundled firmware, labeled as CVE-2023-47611 through CVE-2023-47616. These vulnerabilities could allow attackers with physical access to the modems to compromise user MIDlets, execute unauthorized code, manipulate digital signatures, and elevate execution privileges to the manufacturer level.

Despite researchers reporting these vulnerabilities to Telit Cinterion last November, not all of the flaws have been fully addressed, leaving millions of IoT devices vulnerable to potential attacks. These modems are embedded in various IoT products including industrial equipment, smart meters, telematics systems, and medical devices, making it challenging to identify all affected products.

To mitigate these risks, organizations are advised to disable non-essential SMS messaging capabilities, implement private Access Point Names (APNs), control physical access to devices, and regularly update security measures to prevent unauthorized access.

The discovery of these vulnerabilities underscores the increasing concerns over IoT security, particularly in industrial control and operational technology environments. Recent threat data analysis highlighted a rise in attacks targeting IoT and OT networks, driven by vulnerabilities like those found in Cinterion modems and other devices.

In conclusion, urgent action is needed from both device manufacturers and telecom operators to address these vulnerabilities and safeguard critical infrastructure from potential cyber threats. The researchers behind the findings plan to publish a detailed white paper on modem security internals by May 2024 to further educate the industry on these risks.
