Hack the Telit Cinterion modem: how a single SMS gives you complete control over your device

Father

Vulnerabilities in the modems let an attacker bypass security measures and take over someone else's device.

Dangerous vulnerabilities in Telit Cinterion cellular modems allow attackers to remotely execute arbitrary code using SMS messages.

Eight different vulnerabilities were identified, seven of which received CVE IDs (CVE-2023-47610 through CVE-2023-47616); the eighth has not yet been registered. Researchers from Kaspersky ICS CERT reported the flaws in November last year, having informed the vendor beforehand.

At the OffensiveCon conference in Berlin, researchers Alexander Kozlov and Sergey Anufrienko will present the technical details of the vulnerabilities and of the exploitation techniques that let an attacker take control of affected devices.

One of the most serious of them, CVE-2023-47610 (CVSS score 8.1), is a heap overflow in the handlers for Secure User Plane Location (SUPL) messages.

An attacker can trigger the vulnerability with specially crafted SMS messages and execute code on the modem remotely, without any authentication. The SMS interface is present on all of the affected modems, and it is reachable by anyone who knows the subscriber number of the target modem on the mobile operator's network. Operators can restrict the sending of binary SMS messages, but an attacker running a fake base station can bypass that restriction.

Successful exploitation of CVE-2023-47610 gives the attacker deep access to the modem's operating system, allowing them to manipulate RAM and flash memory and take full control of the modem's functionality.

The remaining vulnerabilities, although rated less severe, can be used to compromise the integrity of MIDlets, the Java applications that implement various functions on the modem. For example, CVE-2023-47611 allows code execution with elevated privileges by bypassing digital signature verification, which threatens both data confidentiality and device integrity.

Telit has fixed some of the vulnerabilities, but others remain unpatched. Kaspersky ICS CERT noted that, given how widely the devices are deployed, the consequences could be serious and global.

To reduce the risk, the researchers recommend working with telecom operators, for example disabling SMS delivery to affected devices and using secure private APNs (Access Point Names). They also suggest enforcing application signature verification to prevent installation of untrusted MIDlets on the modems, and taking measures against unauthorized physical access to the devices.
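The two mitigations that involve the operator, restricting binary SMS and disabling SMS delivery to the modems altogether, both come down to inspecting the SMS-DELIVER PDU before it reaches the device. The following is an added example, not code from the article, from Kaspersky or from Telit: a small parser for the SMS-DELIVER TPDU layout of 3GPP TS 23.040 and the data coding scheme of TS 23.038, plus a constructed filter policy that rejects 8-bit data, port-addressed (WAP push style) messages and SIM-directed class 2 messages while letting plain 7-bit text through. The three sample PDUs, the originator number, the timestamp and the payload bytes are all made up for the example. Note that, as the article says, this kind of filter only helps at the operator or gateway: an attacker with a fake base station delivers the SMS directly and never passes through it.

```python
"""Classify incoming SMS-DELIVER PDUs (3GPP TS 23.040 / 23.038).

Added example; not code from the article, Telit or Kaspersky.
All sample PDUs, numbers, timestamps and payloads below are constructed.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

WAP_PUSH_PORT = 2948  # well-known "wap-push" destination port (0x0B84)


@dataclass
class Sms:
    originator: str
    pid: int
    alphabet: str             # "7bit", "8bit", "ucs2" or "reserved"
    msg_class: Optional[int]  # 0..3 when the DCS carries a message class
    timestamp: str
    has_udh: bool
    dest_port: Optional[int]  # from a UDH application-port IE, if present
    text: Optional[str]       # decoded only for 7-bit messages without UDH
    payload: bytes            # user data after the UDH (or all of it)


def _semi_octets(raw: bytes) -> str:
    """Decode nibble-swapped BCD as used by TP-OA and TP-SCTS."""
    return "".join(f"{b & 0x0F:x}{b >> 4:x}" for b in raw)


def _unpack_7bit(ud: bytes, septets: int) -> str:
    """Unpack GSM 7-bit septets; only the ASCII-overlapping part of the
    GSM default alphabet is mapped, which is enough for classification."""
    bits = int.from_bytes(ud, "little")
    return "".join(chr((bits >> (7 * i)) & 0x7F) for i in range(septets))


def decode_dcs(dcs: int) -> Tuple[str, Optional[int]]:
    """Map a TP-DCS octet to (alphabet, message class) per TS 23.038."""
    group = dcs >> 4
    if group & 0xC == 0:                       # 00xx: general data coding
        alphabet = {0: "7bit", 1: "8bit", 2: "ucs2", 3: "reserved"}[(dcs >> 2) & 0x3]
        msg_class = dcs & 0x3 if dcs & 0x10 else None
    elif group == 0xF:                         # 1111: data coding / message class
        alphabet = "8bit" if dcs & 0x04 else "7bit"
        msg_class = dcs & 0x3
    elif group in (0xC, 0xD, 0xE):             # message waiting indication groups
        alphabet, msg_class = ("ucs2" if group == 0xE else "7bit"), None
    else:
        alphabet, msg_class = "reserved", None
    return alphabet, msg_class


def _parse_udh(udh: bytes) -> Optional[int]:
    """Walk the UDH information elements; return the destination port if addressed."""
    port, i = None, 0
    while i + 2 <= len(udh):
        iei, iel = udh[i], udh[i + 1]
        body = udh[i + 2 : i + 2 + iel]
        if iei == 0x05 and iel == 4:           # application port addressing, 16-bit
            port = int.from_bytes(body[:2], "big")
        elif iei == 0x04 and iel == 2:         # application port addressing, 8-bit
            port = body[0]
        i += 2 + iel
    return port


def parse_sms_deliver(pdu_hex: str) -> Sms:
    """Parse an SMS-DELIVER TPDU given as hex (without the SMSC address prefix)."""
    b = bytes.fromhex(pdu_hex)
    first = b[0]
    if first & 0x03 != 0x00:
        raise ValueError("not an SMS-DELIVER TPDU")
    has_udh = bool(first & 0x40)               # TP-UDHI
    ndigits, toa = b[1], b[2]
    addr_len = (ndigits + 1) // 2
    originator = _semi_octets(b[3 : 3 + addr_len])[:ndigits]
    if toa & 0x70 == 0x10:                     # international number
        originator = "+" + originator
    pos = 3 + addr_len
    pid, dcs = b[pos], b[pos + 1]
    s = _semi_octets(b[pos + 2 : pos + 9])    # TP-SCTS: YY MM DD hh mm ss tz
    timestamp = f"20{s[0:2]}-{s[2:4]}-{s[4:6]} {s[6:8]}:{s[8:10]}:{s[10:12]}"
    udl, ud = b[pos + 9], b[pos + 10 :]
    alphabet, msg_class = decode_dcs(dcs)
    dest_port, text, payload = None, None, ud
    if has_udh:
        udhl = ud[0]
        dest_port = _parse_udh(ud[1 : 1 + udhl])
        payload = ud[1 + udhl :]               # 7-bit text after a UDH needs fill-bit handling; left raw
    elif alphabet == "7bit":
        text = _unpack_7bit(ud, udl)
    return Sms(originator, pid, alphabet, msg_class, timestamp, has_udh, dest_port, text, payload)


def should_block(sms: Sms) -> Tuple[bool, str]:
    """Constructed operator-side policy for SMS addressed to M2M modems."""
    if sms.dest_port is not None:
        return True, f"port-addressed message to port {sms.dest_port}"
    if sms.alphabet != "7bit":
        return True, f"non-text payload ({sms.alphabet})"
    if sms.msg_class == 2:
        return True, "class 2 (SIM-directed) message"
    return False, "plain text"


# Constructed sample PDUs from +491701234567 (made-up number), text "Hi" where 7-bit.
PLAIN_TEXT_PDU = "040C9194711032547600004210112130008002C834"               # DCS 0x00
WAP_PUSH_PDU = "440C9194711032547600F5421011213000800B0605040B8423F0DEADBEEF"  # DCS 0xF5 + UDH port 2948
CLASS2_PDU = "040C9194711032547600F24210112130008002C834"                   # DCS 0xF2 (7-bit, class 2)

if __name__ == "__main__":
    for name, pdu in (("text", PLAIN_TEXT_PDU), ("wap-push", WAP_PUSH_PDU), ("class2", CLASS2_PDU)):
        sms = parse_sms_deliver(pdu)
        print(name, sms.originator, sms.timestamp, sms.alphabet, should_block(sms))
```

The parser stops at the TPDU; a PDU read from a modem with AT+CMGL or a gateway usually carries the SMSC address in front (a length octet followed by the address), which must be stripped first. The policy is deliberately conservative for an M2M fleet: a modem that only needs plain-text commands has no business receiving port-addressed or SIM-directed messages, and the article's own advice goes further and turns SMS off entirely where the operator allows it.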