Critical Flaws In Cinterion Cellular Modems Let Attackers Execute Remote Code

About a Well-known vulnerabilities appreciate been cowl in Cinterion Cellular modems that would possibly perchance well perchance additionally enable an unauthorized faraway attacker to entire arbitrary code on the affected devices and escalate their privileges.

There appreciate been millions of devices deployed worldwide making it a frequent risk landscape for attackers to spend.

Undoubtedly one of many vulnerabilities has been assigned CVE-2024-47610, and its severity has been given as 9.8 (Well-known).

Kaspersky talked about, “Affected distributors must undertake in depth efforts to retain watch over dangers, with mitigation frequently probably handiest on the telecom operators’ side.” Kaspersky has additionally equipped mitigation steps for addressing this vulnerability.

Technical Diagnosis – CVE-2023-47610

Amongst the vulnerabilities, this vulnerability is alarming and associated with a heap overflow at some level of the modem’s SUPL (Salvage Particular person Aircraft Space) message handlers.

An attacker can exploit this vulnerability and discontinue faraway code by sending a malicious SMS to the modem’s operating machine.

Truly, any risk actor with no authentication or bodily access to the affected devices can exploit these vulnerabilities and manipulate RAM and flash memory, ensuing in entire retain watch over of the modem’s functionalities.

Cinterion cellular modems are within the within the period in-between worn in many sectors, including industrial, healthcare, car, financial, and telecommunications sectors.

Additional, there would possibly perchance be additionally a flaw in facing the MDlets, Java-basically based fully capabilities that bustle on these modems.

Compromising these devices additionally bypasses the digital signature tests, ensuing in elevated privileges.

The opposite two vulnerabilities which appreciate been identified had been CVE-2023-47611 and CVE-2023-47616.

Affected Gadgets

The list of devices tormented by these vulnerabilities is as follows:

• Telit Cinterion BGS5 (All variations)
• Telit Cinterion EHS5/6/8 (All variations)
• Telit Cinterion PDS5/6/8 (All variations)
• Telit Cinterion ELS61/81 (All variations)
• Telit Cinterion PLS62 (All variations).

Mitigation

Kaspersky has equipped the steps to mitigate these vulnerabilities, which are to disable nonessential SMS messaging capabilities and instruct private APNs (Obtain entry to Point Networks) with strict safety settings.

Furthermore, it is suggested that digital signature verification for MIDlets be enforced and bodily access to the devices managed.

For IoT devices, the following steps are suggested:

• Keeping extreme programs with up-to-date risk intelligence
• The usage of a legitimate endpoint safety resolution
• Keeping industrial endpoints as well to corporate ones
• Set up a safety resolution that protects the devices from assorted assault vectors.