May 10, 2024 at 04:09AM
Security flaws in widely utilized Telit Cinterion cellular modems present remote code execution risks via SMS. Eight issues, comprising a severe heap overflow problem (CVE-2023-47610), were revealed by Kaspersky’s ICS CERT division. The vulnerabilities could allow attackers to compromise device integrity and cause extensive disruption. Mitigation strategies include disabling SMS sending and enforcing application signature verification.
From the provided meeting notes, the main takeaways are:
1. Critical security flaws have been identified in Telit Cinterion cellular modems by security researchers at Kaspersky’s ICS CERT division. These flaws could allow remote attackers to execute arbitrary code via SMS.
2. A set of eight separate issues were disclosed in November, with seven of them having CVE identifiers and another one yet to be registered.
3. The most severe of the vulnerabilities is CVE-2023-47610, a heap overflow problem that affects the modem’s User Plane Location (SUPL) message handlers.
4. Kaspersky, in collaboration with Telit, assigned a severity score of 8.8 for the CVE-2023-47610 issue, while NIST’s assessment is that the issue has critical impact and received a severity score of 9.8.
5. Attackers exploiting the vulnerability via specially crafted SMS messages could trigger the flaw and execute arbitrary code remotely on the modem without requiring authentication.
6. The researchers recommend strategies to mitigate the threats, such as disabling SMS sending to impacted devices and using a securely configured private APN, as well as enforcing application signature verification and preventing unauthorized physical access to the devices.
These takeaways address the key points from the meeting notes, providing a clear summary of the security issues and the recommended mitigation strategies.