Vulnerabilities in router vendors’ cloud management platforms detailed

Hundreds of thousands of operational technology networks and devices are at risk of hijacking attacks stemming from the exploitation of several security vulnerabilities impacting the cloud management platforms of industrial cellular router vendors Sierra Wireless, InHand Networks, and Teltonika Wireless, The Hacker News reports. Threat actors could leverage Sierra Wireless' weak asset registration mechanisms to identify and take over unregistered cloud-connected devices, as well as enable arbitrary command execution, while exploitation of InHand Networks' security configuration vulnerabilities, tracked as CVE-2023-22598, CVE-2023-22600, and CVE-2023-22601, could facilitate remote code execution, as well as reboot command and firmware update deployment, according to a report from OTORIO presented at the Black Hat Asia 2023 conference. Meanwhile, OTORIO and Claroty researchers have also identified six vulnerabilities in Teltonika Networks RMS and two others in Teltonika's RUT router firmware. "An attacker successfully exploiting these industrial routers and IoT devices can cause a number of impacts on compromised devices and networks, including monitoring network traffic and stealing sensitive data, hijacking internet connections in order to route traffic to malicious sites, or inject malware into traffic," said both OTORIO and Claroty.