December 4, 2024 at 10:34AM
Japan’s CERT warns that hackers are exploiting zero-day vulnerabilities in I-O Data’s UD-LT1 routers, enabling unauthorized access and command execution. The vendor confirmed flaws and plans to release fixes by December 18, 2024. Users are advised to implement mitigation measures to protect their devices until updates are available.
### Meeting Notes Takeaways
**Subject:** Security Advisory on I-O Data Router Vulnerabilities
1. **Vulnerability Alert:**
– Japan’s CERT has alerted users about hackers exploiting zero-day vulnerabilities in I-O Data’s UD-LT1 and UD-LT1/EX routers.
– Flaws allow for unauthorized modifications of device settings, command execution, and disabling of firewalls.
2. **Vendor Acknowledgment:**
– I-O Data has recognized the vulnerabilities in a security bulletin.
– Current fixes for identified issues are projected for release on **December 18, 2024**.
3. **Identified Vulnerabilities:**
– **CVE-2024-45841:** Misconfigured permissions allowing low-privileged users access to sensitive files.
– **CVE-2024-47133:** Administrative users can execute arbitrary OS commands due to insufficient input validation.
– **CVE-2024-52564:** Undocumented features enable remote attackers to disable firewalls and alter settings.
4. **Firmware Status:**
– Latest firmware version **v2.1.9** addresses only CVE-2024-52564.
– Upcoming version **v2.2.0** will include fixes for the other two vulnerabilities.
5. **User Reports:**
– Customers reported unauthorized access to configuration interfaces from the internet without VPN.
6. **Mitigation Measures:**
– Disable Remote Management for all internet connection methods.
– Restrict access to devices to VPN-connected networks.
– Change default guest account passwords to complex passwords of over 10 characters.
– Regularly monitor device settings for unauthorized changes and reset to factory settings if necessary.
7. **Market Focus:**
– The affected UD-LT1 and UD-LT1/EX routers are primarily sold within Japan, supporting various carriers and MVNO SIM cards.
### Action Items:
– Users should implement the recommended mitigation measures immediately to safeguard their devices until the official updates are released.