#TelitCinterion

Widely used modems in industrial IoT devices open to SMS attack

May 11, 2024 by Xynik

May 11, 2024 at 09:14AM Security flaws in Telit Cinterion cellular modems, reported by Kaspersky, allow remote attackers to execute arbitrary code via SMS. The most severe vulnerability, CVE-2023-47610, has a severity score of 9.8 and could allow attackers to take control of vulnerable devices without authentication. Telit has patched some vulnerabilities, but others remain. … Read more

Widely used Telit Cinterion modems open to SMS takeover attacks

May 10, 2024 by Xynik

May 10, 2024 at 04:09AM Security flaws in widely utilized Telit Cinterion cellular modems present remote code execution risks via SMS. Eight issues, comprising a severe heap overflow problem (CVE-2023-47610), were revealed by Kaspersky’s ICS CERT division. The vulnerabilities could allow attackers to compromise device integrity and cause extensive disruption. Mitigation strategies include disabling SMS … Read more