The vulnerability of the ACEManager component in the microprogramming software ALEOS for Sierra Wireless’ routers allows a attacker to trigger a Denial-of-Service Attack (DoS).

The vulnerability of the ACEManager component in the ALEOS router software from Sierra Wireless relates to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to trigger a Denial-of-Service attack remotely...

PT-2023-14980 · Aleos · Aleos

Name of the Vulnerable Software and Affected Versions: ALEOS versions prior to 4.16 Description: The issue allows a user with valid credentials to reconfigure the device, exposing the ACEManager credentials on the pre-login status page. Recommendations: For versions prior to 4.16, update to versi...

Sierra Wireless AirLink Router with ALEOS Software

1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sierra Wireless Equipment: AirLink Router with ALEOS Software Vulnerabilities: Improper Neutralization of Argument Delimiters in a Command, Exposure of Sensitive Information to an Unauthorized Actor 2...

Multiple Sierra Wireless AirLink Routers Open to Remote Code Execution

Sierra Wireless is warning that additional AirLink router models, which are targeted toward IoT applications, are vulnerable to previously-disclosed critical flaws. The vulnerabilities are part of the 11 critical bugs disclosed on Sierra Wireless’ AirLink ES450 LTE router last week – only now,...