Modems used in many industrial Internet of Things (IoT) devices can easily be hacked, allowing threat actors root access, remotely and without authentication. The result could be highly disruptive, as many industries rely on IoT devices and other internet-connected sensors for proper operations of entire facilities.
A report from cybersecurity researchers Kaspersky claims to have discovered the flaws in February 2023, and is only reporting on them now, since the vendor has now released the fix.
The result could be highly disruptive, as many industries rely on IoT devices and other internet-connected sensors for proper operations of entire facilities.
Fixes released
As per the report, Kaspersky’s pros found a total of eight issues, in multiple cellular modems built by Telit Cinterion. The most important issue is tracked as CVE-2023-47610, and carries a severity score of either 8.8 (per Kaspersky) or 9.8 (per NIST). This issue allows threat actors, with previous knowledge of the subscriber number of the target modem in the cellular operator’s network, to trigger arbitrary code execution via SMS.
“This access also facilitates the manipulation of RAM and flash memory, increasing the potential to seize complete control over the modem’s functionalities—all without authentication or requiring physical access to the device,” Kaspersky’s researchers explained.
Here is the full list of affected models:
Cinterion BGS5
Cinterion EHS5/6/7
Cinterion PDS5/6/8
Cinterion ELS61/81
Cinterion PLS62
Telit released fixes for some of the vulnerabilities, but the biggest problem is the fact that other manufacturers used the modems in their devices, as well. Hence, the actual number of vulnerable devices is difficult to determine.
“The vulnerabilities we found, coupled with the widespread deployment of these devices in various sectors, highlight the potential for extensive global disruption,” Evgeny Goncharov, head of Kaspersky ICS CERT, said in the report.
Via BleepingComputer
