May 16, 2023

OTORIO discovered various security flaws in the cloud management systems of prominent industrial cellular router suppliers Sierra Wireless, Teltonika Networks, and InHand Networks.

OTORIO’s analysis uncovered 11 vulnerabilities that allow remote code execution and full control of hundreds of thousands of devices and OT networks. In the instance of Sierra Wireless, attackers may discover unregistered cloud-connected devices, extract serial numbers from them using the AirVantage online Warranty Checker application, and register them under their control. This empowers them to carry out arbitrary orders.

Meanwhile, CVE-2023-22601, CVE-2023-22600, and CVE-2023-22598 can be used to exploit InHand Networks, allowing remote code execution with root access, issuing reboot orders, and pushing firmware upgrades. The vulnerabilities in Teltonika Networks’ remote management system (RMS) are in the external API and interfaces, exposing sensitive device information and passwords. This allows attackers to run remote programs, discover controlled network devices, and impersonate genuine devices.

These vulnerabilities, if exploited, might allow attackers to circumvent existing security measures, harvest sensitive data, and remotely execute malicious code within internal networks. Furthermore, attackers can get unauthorized access to network devices, allowing them to carry out harmful actions with elevated privileges, such as forced shutdowns.

The sources for this piece include an article in TheHackerNews.