Kaspersky on Friday raised the alarm on a series of vulnerabilities in Cinterion cellular modems that expose millions of devices to remote code execution attacks.
A series of seven security defects identified in the widely deployed modems could lead to information leaks, elevation of privilege, sandbox escape, arbitrary code execution, and unauthorized access to files and directories on the target system.
To mitigate the risk posed by this bug, users are advised to disable nonessential SMS messaging capabilities by contacting the mobile operator, and to use a private APN with strict security settings.
The cybersecurity firm also identified vulnerabilities in the handling of Java-based applications called MIDlets that could be exploited to execute code with elevated privileges.
The issues, tracked as CVE-2023-47611 through CVE-2023-47616, can be mitigated by verifying the digital signature for MIDlets, by strictly controlling physical access to devices, and through regular audits and updates.
Kaspersky reported the flaws to the vendor in February 2023 and published advisories on them in November.
Originally developed by Gemalto, the Cinterion modems are now owned by Telit, which acquired the business from Thales last year.
The Cinterion modems are used in various machine-to-machine and IoT communications applications, including industrial automation, telematics, smart metering, and healthcare monitoring products.
According to Kaspersky researcher Evgeny Goncharov, the exploitation of these severe flaws could lead to widespread disruptions, given the broad deployment of the vulnerable modems.
This Cyber News was published on www.securityweek.com. Publication date: Mon, 13 May 2024 15:13:08 +0000