Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

November 28, 2024 at 12:27PM

Advantech EKI wireless access points have 20 disclosed vulnerabilities, including six critical ones that allow unauthenticated remote code execution and potential backdoor access. Recent firmware updates address these issues, but attackers can exploit them via physical proximity and rogue access points. Vulnerabilities could lead to significant network breaches and data compromise.

### Meeting Takeaways – Nov 28, 2024

**Key Issue: Security Vulnerabilities in Advantech EKI Devices**
– **Overview**: A total of 20 security vulnerabilities have been reported in Advantech EKI industrial-grade wireless access point devices, with several allowing for serious security breaches.

**Vulnerability Details**:
– **Risks**: Many of the identified vulnerabilities can be exploited to achieve:
  – Unauthorized remote code execution with root privileges.
  – Full compromise of device confidentiality, integrity, and availability.

– **Critical Vulnerabilities**:
  – Six critical vulnerabilities allow attackers to:
    – Establish persistent access (backdoor).
    – Trigger denial-of-service (DoS) conditions.
    – Repurpose infected endpoints for further attacks.

– **Specific Vulnerabilities**:
  – Five critical flaws (CVE-2024-50370 to CVE-2024-50374, CVSS score: 9.8) relate to OS command issues.
  – CVE-2024-50375 (CVSS score: 9.8) involves missing authentication for critical functions.
  – CVE-2024-50376 (CVSS score: 7.3) is a cross-site scripting vulnerability.
  – CVE-2024-50359 (CVSS score: 7.2) involves command injection that requires authentication.

**Exploitation Conditions**:
– An external attacker must be physically close to the access point to exploit these vulnerabilities.
– The attack triggers when an administrator opens the “Wi-Fi Analyzer” section of the web application, which handles the broadcast information without appropriate sanitization checks.

**Potential Attack Vector**:
– Attackers can use a rogue access point to broadcast forged information, potentially executing arbitrary JavaScript code.
– Combining CVE-2024-50376 with CVE-2024-50359 could allow attackers to gain command-level access (e.g., via a reverse shell).

**Response**:
– The vulnerabilities have been addressed in two firmware updates:
  – Version 1.6.5 (for EKI-6333AC-2G and EKI-6333AC-2GD)
  – Version 1.2.2 (for EKI-6333AC-1GPO)

**Action Items**:
– Ensure all devices are updated to the latest firmware versions to mitigate identified risks.
– Monitor for any unauthorized access attempts or anomalies within network operations.
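
To act on the first item, a firmware audit over a device inventory can flag which access points still run a release older than the fixed versions listed under **Response**. This is an added example, not code from Advantech or the original article; the CSV layout, host names and sample versions are constructed, and it assumes firmware versions are dotted-numeric strings where any lower value needs updating.

```python
import csv
import io

# Fixed firmware versions per model, as listed in the Response section above.
FIXED = {
    "EKI-6333AC-2G": (1, 6, 5),
    "EKI-6333AC-2GD": (1, 6, 5),
    "EKI-6333AC-1GPO": (1, 2, 2),
}

def parse_version(text):
    """Turn '1.6.5' or 'v1.6.5' into (1, 6, 5); return None if not dotted-numeric."""
    parts = text.strip().lstrip("vV").split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(model, version):
    """Return 'patched', 'needs-update', 'unknown-model' or 'bad-version'."""
    fixed = FIXED.get(model.strip().upper())
    if fixed is None:
        return "unknown-model"
    current = parse_version(version)
    if current is None:
        return "bad-version"
    # Compare as integer tuples so that 1.10 sorts above 1.2.2;
    # a plain string comparison would get that case wrong.
    return "patched" if current >= fixed else "needs-update"

def audit(inventory_csv):
    """Map each host in a 'host,model,firmware' CSV to its status."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["model"], r["firmware"]) for r in rows}

# Constructed sample inventory (hypothetical hosts, versions and placeholder model).
SAMPLE = """host,model,firmware
ap-line1,EKI-6333AC-2G,1.6.2
ap-line2,EKI-6333AC-2GD,1.6.5
ap-yard,eki-6333ac-1gpo,v1.2.1
ap-dock,EKI-6333AC-1GPO,1.10
ap-lab,EKI-6333AC-2G,unknown
ap-misc,OTHER-MODEL,2.0.0
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

Devices reported as `bad-version` or `unknown-model` need a manual check rather than being assumed safe.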
