CyberSecurityBoard
Sponsor Register Login

Vulnerability in Critical Cellular Devices Could Allow Snooping on Telecom Networks

A researcher has discovered a critical vulnerability in Baicells Technologies' wireless communication base stations that can be exploited to cause disruption in telecom networks or take complete control of data and voice traffic. Baicells Technologies is a US-based telecommunications equipment provider for 4G and 5G networks, with over 100,000 of its base stations deployed across 64 countries. The vulnerability, tracked as CVE-2023-24508, is a command injection vulnerability that can be exploited remotely without authentication by sending specially crafted HTTP requests to the targeted device. If exploited, an attacker can run shell commands with root privileges and take complete control of the device, shutting it down to cause disruption or obtaining information such as phone numbers, IMEI, and location data. According to the researcher, there are more than 1,150 devices exposed to the internet, mostly located in the United States. Baicells released a patch for the vulnerability on January 24, which affects Nova 227, 233, 243 and 246 base stations. The US Cybersecurity and Infrastructure Security Agency also released an advisory about the vulnerability. The researcher also recently discovered serious vulnerabilities in Econolite EOS traffic controller software, which can be exploited to control traffic lights.

This Cyber News was published on www.securityweek.com. Publication date: Mon, 06 Feb 2023 18:42:02 +0000


Cyber News related to Vulnerability in Critical Cellular Devices Could Allow Snooping on Telecom Networks

HackersEra Launches Telecom Penetration Testing to Eliminate Cyber Threats - Cybercriminals have attacked telecom infrastructure, particularly as it shifts to an IP-based design with the introduction of Long-Term Evolution networks, also referred to as LTE or 4G. Persistent attackers could spy on users' cellular networks and ...
2 years ago Cysecurity.news Inception
Why cellular-first SASE is defining the future of distributed enterprises - Startups seeing double-digit growth rates tell VentureBeat that combining networking and security in the same platform is essential for protecting every identity, endpoint, and threat surface that gets exposed as their companies quickly grow. ...
1 year ago Venturebeat.com
Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
1 year ago Darkreading.com
20 Best Remote Monitoring Tools - 2025 - What is Good ?What Could Be Better ?Strong abilities to keep an eye on devices and systems.Some parts may take time to figure out.It gives you tools for remote control and troubleshooting.There could be more ways to change things.Lets you automate ...
8 months ago Cybersecuritynews.com
Wi-Fi 7's mission-critical role in enterprise, industrial networking - As we transition from Wi-Fi 6 to the more advanced Wi-Fi 7, we uncover the significant enhancements in speed, efficiency, and spectrum usage that set it apart from its predecessors. Rodrigues examines the crucial role of AI and machine learning in ...
1 year ago Helpnetsecurity.com
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
1 year ago Darkreading.com
CVE-2025-38248 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago
Smishing Exploit Targets Cellular Routers to Intercept 2FA Codes - A new smishing exploit has been discovered targeting cellular routers, allowing attackers to intercept two-factor authentication (2FA) codes. This attack vector leverages the vulnerabilities in cellular routers used by individuals and organizations ...
2 months ago Infosecurity-magazine.com
CVE-2021-41769 - A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < ...
3 years ago
FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches - In January, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Sichuan Juxinhe Network Technology, a Chinese cybersecurity firm believed to be directly involved in the Salt Typhoon telecom ...
7 months ago Bleepingcomputer.com
Google Fi User Data Breached Through T-Mobile Hack - According to Google Fi's email sent to its customers on Monday, a limited amount of their customer data was exposed in T-Mobile's breach after suspicious activity was noted in a system that contained Google Fi's customer data. Google Fi, Google's ...
2 years ago Hackread.com
International Sting Takes Down SIM Box Criminal Network - An international law enforcement operation has successfully dismantled a sophisticated SIM box fraud network that was causing significant financial losses globally. SIM box fraud involves criminals using SIM cards to bypass traditional telecom ...
2 months ago Darkreading.com
Vulnerability in Critical Cellular Devices Could Allow Snooping on Telecom Networks - A researcher has discovered a critical vulnerability in Baicells Technologies' wireless communication base stations that can be exploited to cause disruption in telecom networks or take complete control of data and voice traffic. Baicells ...
2 years ago Securityweek.com CVE-2023-24508
Future of wireless technology: Key predictions for 2024 - Wi-Fi technology continues to evolve in ways that anticipate the needs of consumers, businesses, enterprise verticals, smart cities, and service providers, according to the Wireless Broadband Alliance. Tiago Rodrigues, CEO of the Wireless Broadband ...
2 years ago Helpnetsecurity.com
Coming Soon to a Network Near You: More Shadow IoT - News of former Microsoft head of product Panos Panay's exit caused a small stir in the tech industry when it was learned he would join Amazon to lead that company's product division. Precisely what Amazon and Panay have in mind for that ecosystem has ...
1 year ago Securityweek.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
2 years ago Esecurityplanet.com
IoT Security for Business: Safeguarding Connected Devices - In this discussion, we will explore the significance of IoT security for businesses and effective strategies for safeguarding connected devices. With the increasing number of connected devices in business environments, the need for effective IoT ...
1 year ago Securityzap.com
TRAI Updates Regulations to Prevent SIM Swap Fraud in Telecom Porting - The Telecom Regulatory Authority of India recently announced updated regulations aimed at combating SIM swap fraud in the telecom sector. The TRAI highlighted that this measure is part of its broader efforts to address concerns related to fraudulent ...
1 year ago Cysecurity.news
Google sues to dismantle Chinese platform behind global toll scams - Google has taken legal action to dismantle a Chinese platform responsible for orchestrating global toll fraud scams. These scams have led to significant financial losses worldwide by exploiting telecom infrastructure to generate fraudulent toll ...
1 month ago Bleepingcomputer.com
FCC Plans Vote to Rescind Biden-Era Ruling on Telecoms Cybersecurity - The Federal Communications Commission (FCC) is preparing to vote on rescinding a Biden-era ruling that mandated enhanced cybersecurity measures for telecommunications companies. This move signals a shift in regulatory approach towards telecom ...
1 month ago Therecord.media
20 Best Endpoint Management Tools - 2025 - What is Good?What Could Be Better?Comprehensive endpoint security against many threats.The user interface may overwhelm some users.Machine learning for real-time threat detection.Integration with existing systems may be complex.A central management ...
8 months ago Cybersecuritynews.com
Chinese hackers breach more US telecoms via unpatched Cisco routers - Iniskt Group advises network admins operating Internet-exposed Cisco IOS XE network devices to apply available security patches as soon as possible and avoid exposing administration interfaces or non-essential services directly to the Internet. These ...
10 months ago Bleepingcomputer.com CVE-2023-20198 CVE-2023-20273
Ribbon Communications Breach Latest Telecom Attack - Ribbon Communications, a key player in the telecom industry, recently suffered a significant cybersecurity breach, marking the latest in a series of attacks targeting telecommunications infrastructure. This incident highlights the growing threat ...
1 month ago Darkreading.com
Palo Alto Networks and Deloitte Expand Strategic Alliance Globally - 1, 2024 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW) and Deloitte today announced an expansion of their strategic alliance into EMEA and JAPAC regions, making Palo Alto Networks® AI-powered cybersecurity solutions and joint offerings available ...
1 year ago Darkreading.com
A Leader in 2024 Forrester Enterprise Firewall Solutions Wave - Palo Alto Networks has long recognized these challenges, which is why we’ve built a network security platform that not only protects but also fosters business growth and innovation in today’s complex environment. We believe the recognition of ...
1 year ago Paloaltonetworks.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)