Critical Vulnerabilities in Cinterion Modems Exposed


Critical vulnerabilities have been found within Cinterion cellular modems. Disclosed during a Kaspersky presentation at OffensiveCon in Berlin on May 11, these flaws could allow remote attackers to execute arbitrary code, posing a significant threat to the integrity of millions of industrial devices reliant on these modems.

The identified vulnerabilities, including CVE-2023-47610, highlight severe security weaknesses within the modem’s SUPL message handlers. Exploiting this flaw via SMS could grant attackers unauthorized access to the modem’s operating system and let them manipulate RAM and flash memory, without authentication or physical access to the device.

Moreover, investigations uncovered flaws in the handling of MIDlets, Java-based applications running on the modems. By bypassing digital signature checks, attackers could execute unauthorized code with elevated privileges, posing risks to data confidentiality and broader network security.

Evgeny Goncharov, head of Kaspersky ICS CERT, emphasized the potential for widespread disruption across various sectors due to the extensive deployment of these modems. 

“These disturbances range from economic and operational impacts to safety issues. Since the modems are typically integrated in a matryoshka-style within other solutions, with products from one vendor stacked atop those from another, compiling a list of affected end products is challenging,” he said.

“Affected vendors must undertake extensive efforts to manage risks, with mitigation often feasible only on the telecom operators’ side.”


To defend against this threat, Kaspersky recommended disabling nonessential SMS messaging capabilities and enforcing rigorous digital signature verification for MIDlets. It also urged stakeholders to control physical access to devices and to conduct regular security audits and updates.

The vulnerabilities have been shared with the manufacturer, but the intricate supply chain involving Gemalto (now under Thales), and subsequently Telit, complicates mitigation efforts. 
