Modems used in many industrial IoT sectors can be easily hacked
Modems used in many industrial Internet of Things (IoT) devices can be easily hacked, giving threat actors root access, remotely and without authentication. The result could be very disruptive, as many industries rely on IoT devices and other internet-connected sensors to ensure the proper functioning of entire facilities.
A report from cybersecurity researchers Kaspersky claims to have discovered the flaws in February 2023 and is only now reporting on them as the vendor has now released the fix.
The result could be very disruptive, as many industries rely on IoT devices and other internet-connected sensors to ensure the proper functioning of entire facilities.
Fixes released
According to the report, Kaspersky professionals found a total of eight issues in multiple mobile modems built by Telit Cinterion. The top issue is tracked as CVE-2023-47610 and has a severity score of 8.8 (per Kaspersky) or 9.8 (per NIST). This issue allows threat actors, with prior knowledge of the subscriber number of the target modem in the mobile operator’s network, to trigger arbitrary code execution via SMS.
“This access also facilitates the manipulation of RAM and flash memory, increasing the chance to gain full control over the modem’s functionalities, all without authentication or physical access to the device,” Kaspersky researchers explain .
Here is the full list of affected models:
Cinterion BGS5
Cinterion EHS5/6/7
Cinterion PDS5/6/8
Cinterion ELS61/81
Cinterion PLS62
Telit has released fixes for some of the vulnerabilities, but the biggest problem is the fact that other manufacturers have also used the modems in their devices. Therefore, the actual number of vulnerable devices is difficult to determine.
“The vulnerabilities we found, coupled with the widespread deployment of these devices across industries, highlight the potential for widespread global disruption,” Evgeny Goncharov, head of Kaspersky ICS CERT, said in the report.
Through BleepingComputer