Modems used in many industrial Internet of Things (IoT) devices can be easily hacked, allowing threat actors to gain root access, remotely and without authentication. The result could be highly disruptive, as many industries rely on IoT devices and other Internet-connected sensors for the proper functioning of entire facilities.
A report from cybersecurity researchers Kaspersky claims to have discovered the flaws in February 2023 and is only reporting on them now as the vendor has already released the fix.
The result could be highly disruptive, as many industries rely on IoT devices and other Internet-connected sensors for the proper functioning of entire facilities.
Corrections published
According to the report, Kaspersky professionals found a total of eight problems in multiple cellular modems built by Telit Cinterion. The most significant issue is recorded as CVE-2023-47610 and has a severity score of 8.8 (according to Kaspersky) or 9.8 (according to NIST). This issue allows threat actors, with prior knowledge of the target modem's subscriber number on the cellular operator's network, to trigger arbitrary code execution via SMS.
“This access also makes it easier to manipulate RAM and flash memory, increasing the potential to take full control over the modem's functionalities, all without authentication or the need for physical access to the device,” Kaspersky researchers explained.
Here is the full list of affected models:
Cinterion BGS5
Cinterion EHS5/6/7
Cinterion PDS5/6/8
Cinterion ELS61/81
Cinterion PLS62
Telit released fixes for some of the vulnerabilities, but the biggest problem is the fact that other manufacturers also used the modems in their devices. Therefore, it is difficult to determine the actual number of vulnerable devices.
“The vulnerabilities we found, along with the widespread deployment of these devices across multiple sectors, highlight the potential for major global disruption,” Evgeny Goncharov, director of Kaspersky ICS CERT, said in the report.
Through beepcomputer