Cybersecurity scientists have disclosed several security flaws in Cinterion mobile modems that could be probably exploited by threat actors to accessibility delicate information and realize code execution.
“These vulnerabilities consist of critical flaws that allow remote code execution and unauthorized privilege escalation, posing sizeable threats to integral conversation networks and IoT products foundational to industrial, health care, automotive, economical and telecommunications sectors,” Kaspersky mentioned.
Cinterion modems have been originally designed by Gemalto before the company was acquired by Telit from Thales as section of a offer announced in July 2022.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
The findings were introduced at the OffensiveCon held in Berlin on Could 11. The checklist of 8 flaws is as follows –
- CVE-2023-47610 (CVSS score: 8.1) – A buffer overflow vulnerability that could permit a remote unauthenticated attacker to execute arbitrary code on the specific method by sending a specifically crafted SMS message.
- CVE-2023-47611 (CVSS rating: 7.8) – An improper privilege management vulnerability that could allow for a neighborhood, lower-privileged attacker to elevate privileges to producer degree on the targeted system.
- CVE-2023-47612 (CVSS score: 6.8) – A documents or directories available to exterior events vulnerability that could make it possible for an attacker with bodily accessibility to the goal program to receive read/produce obtain to any data files and directories on the specific technique, including hidden data files and directories.
- CVE-2023-47613 (CVSS rating: 4.4) – A relative path traversal vulnerability that could allow for a area, reduced-privileged attacker to escape from digital directories and get browse/produce access to guarded documents on the focused program.
- CVE-2023-47614 (CVSS rating: 3.3) – An exposure of sensitive facts vulnerability that could make it possible for a local, lower-privileged attacker to disclose hidden virtual paths and file names on the targeted method.
- CVE-2023-47615 (CVSS rating: 3.3) – An publicity of sensitive data by means of environmental variables vulnerability that could allow a community, reduced-privileged attacker to attain unauthorized access to the focused system.
- CVE-2023-47616 (CVSS score: 2.4) – An publicity of sensitive facts vulnerability that could allow for an attacker with physical entry to the goal method to get accessibility to sensitive info on the qualified system.
The most serious of the weaknesses is CVE-2023-47610, a heap overflow vulnerability in the modem that allows remote attackers to execute arbitrary code by means of SMS messages.
In addition, the entry could be weaponized to manipulate RAM and flash memory, therefore making it possible for the attackers to exert more handle of the modem with no authentication or requiring bodily access.
The remaining vulnerabilities stem from security lapses in the managing of MIDlets, which refer to Java-based programs running inside the modems. They could be abused to bypass electronic signature checks and allow for unauthorized code execution with elevated privileges.
Security researchers Sergey Anufrienko and Alexander Kozlov have been credited with discovering and reporting the flaws, which were being formally uncovered by Kaspersky ICS CERT in a collection of advisories posted on November 8, 2023.
“Due to the fact the modems are normally integrated in a matryoshka-model in other options, with merchandise from one vendor stacked atop those people from a different, compiling a list of impacted conclude products and solutions is difficult,” Evgeny Goncharov, head of Kaspersky ICS CERT, reported.
To mitigate probable threats, businesses are suggested to disable non-vital SMS messaging capabilities, utilize non-public Accessibility Issue Names (APNs), handle bodily accessibility to devices, and perform standard security audits and updates.
The Hacker Information has reached out to Telit for extra details on the flaws, and we will update the story after we hear back.
Discovered this short article interesting? Abide by us on Twitter and LinkedIn to examine much more unique articles we submit.
Some parts of this report are sourced from:
thehackernews.com
Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia