9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
61.6%
Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution.
โThese vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and IoT devices foundational to industrial, healthcare, automotive, financial and telecommunications sectors,โ Kaspersky said.
Cinterion modems were originally developed by Gemalto before the business was acquired by Telit from Thales as part of a deal announced in July 2022.
The findings were presented at the OffensiveCon held in Berlin on May 11. The list of eight flaws is as follows -
The most severe of the weaknesses is CVE-2023-47610, a heap overflow vulnerability in the modem that enables remote attackers to execute arbitrary code via SMS messages.
Furthermore, the access could be weaponized to manipulate RAM and flash memory, thereby allowing the attackers to exert more control of the modem without authentication or requiring physical access.
The remaining vulnerabilities stem from security lapses in the handling of MIDlets, which refer to Java-based applications running within the modems. They could be abused to bypass digital signature checks and allow unauthorized code execution with elevated privileges.
Security researchers Sergey Anufrienko and Alexander Kozlov have been credited with discovering and reporting the flaws, which were formally revealed by Kaspersky ICS CERT in a series of advisories published on November 8, 2023.
โSince the modems are typically integrated in a matryoshka-style within other solutions, with products from one vendor stacked atop those from another, compiling a list of affected end products is challenging,โ Evgeny Goncharov, head of Kaspersky ICS CERT, said.
To mitigate potential threats, organizations are recommended to disable non-essential SMS messaging capabilities, employ private Access Point Names (APNs), control physical access to devices, and conduct regular security audits and updates.
The Hacker News has reached out to Telit for more information on the flaws, and we will update the story once we hear back.
Kaspersky has shared more technical details on the analysis that went behind the discovery of seven security flaws in Cinterion cellular modems that could be weaponized to elevate privileges, access sensitive information, and execute arbitrary code, effectively allowing attackers to take complete control of the devices.
The vulnerabilities impact the following models -
โThough being a special-purpose device, a modern modem implements numerous features and potential user scenarios,โ the company said. โDue to performance requirements, most of the key features are implemented in low-level languages such as ะก and Assembler and therefore lack built-in safeguards mitigating potential developersโ mistakes.โ
(The story was updated after publication on Jun 19, 2024, to include additional specifics shared by Kaspersky.)
Found this article interesting? Follow us on Twitter ๏ and LinkedIn to read more exclusive content we post.
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
61.6%