1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Modems used in many industrial IoT sectors could be easily hacked

    From TechnologyDaily@1337:1/100 to All on Mon May 13 11:30:05 2024
    Modems used in many industrial IoT sectors could be easily hacked

    Date:
    Mon, 13 May 2024 11:16:56 +0000

    Description:
    Kaspersky finds a slew of vulnerabilities in Telit Cinterion modems, some allowing for remote code execution via SMS.

    FULL STORY ======================================================================

    Modems used in many industrial Internet of Things (IoT) devices can easily be hacked, allowing threat actors root access, remotely and without authentication. The result could be highly disruptive, as many industries
    rely on IoT devices and other internet-connected sensors for proper
    operations of entire facilities.

    A report from cybersecurity researchers Kaspersky claims to have discovered the flaws in February 2023, and is only reporting on them now, since the vendor has now released the fix.

    The result could be highly disruptive, as many industries rely on IoT devices and other internet-connected sensors for proper operations of entire facilities. Fixes released

    As per the report, Kasperskys pros found a total of eight issues, in multiple cellular modems built by Telit Cinterion. The most important issue is tracked as CVE-2023-47610, and carries a severity score of either 8.8 (per Kaspersky) or 9.8 (per NIST). This issue allows threat actors, with previous knowledge
    of the subscriber number of the target modem in the cellular operator's network, to trigger arbitrary code execution via SMS.

    "This access also facilitates the manipulation of RAM and flash memory, increasing the potential to seize complete control over the modem's functionalitiesall without authentication or requiring physical access to the device," Kasperskys researchers explained.

    Here is the full list of affected models:

    Cinterion BGS5

    Cinterion EHS5/6/7

    Cinterion PDS5/6/8

    Cinterion ELS61/81

    Cinterion PLS62

    Telit released fixes for some of the vulnerabilities, but the biggest problem is the fact that other manufacturers used the modems in their devices, as well. Hence, the actual number of vulnerable devices is difficult to determine.

    "The vulnerabilities we found, coupled with the widespread deployment of
    these devices in various sectors, highlight the potential for extensive
    global disruption," Evgeny Goncharov, head of Kaspersky ICS CERT, said in the report.

    Via BleepingComputer More from TechRadar Pro Many top 5G phones could have major security issues - what you need to know Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/modems-used-in-many-industrial-iot-sect ors-could-be-easily-hacked


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)