Multiple high-severity vulnerabilities have been disclosed in ConnectedIO’s ER2000 edge routers and the cloud-based management platform they connect to. An attacker could exploit them to execute code on the devices and access sensitive data. Claroty’s Noam Moshe noted that these flaws could have allowed an attacker to fully compromise the cloud infrastructure, remotely execute code, and leak customer and device information.
Vulnerabilities in 3G/4G routers could expose internal networks to severe threats, enabling attackers to take control, intercept traffic, and infiltrate Extended Internet of Things (XIoT) devices.
The vulnerabilities primarily affect ConnectedIO platform versions v2.1.0 and earlier, including the 4G ER2000 edge router and the cloud services. The flaws can be chained, allowing an attacker to execute arbitrary code on the routers through the cloud platform without any direct network access to the devices.
Additionally, vulnerabilities were found in the MQTT-based communication channel between the devices and the cloud, including hard-coded authentication credentials. These could be used to register a rogue device and read MQTT messages containing sensitive data, such as device identifiers, Wi-Fi settings, SSIDs, and router passwords.
As a result, a threat actor could impersonate a device using its leaked IMEI number and force it to execute arbitrary commands via specially crafted MQTT messages.
One of the supported commands, opcode “1116”, runs a bash command on the device, which gives an attacker remote code execution. The vulnerabilities have been assigned CVE identifiers with varying CVSS scores and pose a serious risk to companies worldwide, since an attacker could disrupt operations and gain a foothold on internal networks. The disclosure follows the discovery of other vulnerabilities affecting NAS devices and industrial equipment, underlining the need for robust cybersecurity measures in critical sectors.
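The MQTT weakness described above comes down to two design choices: every router authenticates with the same hard-coded credential, and nothing binds an authenticated session to the IMEI named in a topic, so whoever holds the credential and a leaked IMEI can read any router's reported configuration or push commands to it. The following is an added example, not ConnectedIO's or Claroty's code, that models the broker-side authorization of the vulnerable design beside a hardened one with per-device credentials and identity-bound topic ACLs. The topic layout (`device/<imei>/cmd`, `device/<imei>/status`), the shared credential, the `cloud-controller` identity and the IMEIs are all constructed for illustration; the real platform's topic names and credential format are not given on this page.

```python
"""Model of the MQTT trust flaw described above and one way to close it.

Added example, not ConnectedIO or Claroty code.  Topic layout, shared
credential, controller identity and IMEIs are constructed placeholders.
"""
import hmac
import secrets

# Assumed topic layout: the controller publishes commands (e.g. the bash
# opcode) to device/<imei>/cmd; each router publishes its configuration,
# including Wi-Fi SSID and password, to device/<imei>/status.
def cmd_topic(imei: str) -> str:
    return f"device/{imei}/cmd"

def status_topic(imei: str) -> str:
    return f"device/{imei}/status"


# --- Vulnerable model -------------------------------------------------------
# Every router ships the same hard-coded MQTT username/password, so the broker
# cannot tell one device from another, or a device from an attacker who pulled
# the credential out of firmware.  The IMEI appears only in the topic path and
# nothing ties it to the authenticated session.
SHARED_CREDS = ("device", "hardcoded-secret")  # constructed placeholder

def vuln_authorize(username: str, password: str, action: str, topic: str) -> bool:
    # Any client holding the shared credential may subscribe or publish to any
    # device's topics: rogue registration, config leak and command injection.
    return (username, password) == SHARED_CREDS


# --- Hardened model ---------------------------------------------------------
# Each router gets its own secret at enrolment, and the broker derives the
# permitted topics from the authenticated identity, never from a claimed IMEI.
CONTROLLER = "cloud-controller"  # assumed name of the management service

class Registry:
    def __init__(self) -> None:
        self._secrets: dict[str, str] = {}

    def enroll(self, identity: str) -> str:
        secret = secrets.token_hex(16)
        self._secrets[identity] = secret
        return secret  # delivered out of band at provisioning time

    def authenticate(self, identity: str, password: str) -> bool:
        expected = self._secrets.get(identity)
        return expected is not None and hmac.compare_digest(expected, password)

def hard_authorize(reg: Registry, identity: str, password: str, action: str, topic: str) -> bool:
    if not reg.authenticate(identity, password):
        return False
    if identity == CONTROLLER:
        # Only the controller may push commands to routers or read their status.
        return topic.startswith("device/") and topic.endswith(("/cmd", "/status"))
    # A router may only receive its own commands and report its own status.
    if action == "subscribe":
        return topic == cmd_topic(identity)
    if action == "publish":
        return topic == status_topic(identity)
    return False


# --- Scenario: attacker holds the shared credential and a leaked IMEI ------
VICTIM_IMEI = "490154203237518"    # constructed
ATTACKER_IMEI = "490154203237526"  # constructed; the attacker's rogue device

def attack_vulnerable() -> tuple:
    """Returns (can read victim's config, can push a command to victim)."""
    user, pw = SHARED_CREDS
    leak = vuln_authorize(user, pw, "subscribe", status_topic(VICTIM_IMEI))
    rce = vuln_authorize(user, pw, "publish", cmd_topic(VICTIM_IMEI))
    return leak, rce

def attack_hardened() -> tuple:
    """Same two goals against the hardened broker, via a rogue device or a spoofed IMEI."""
    reg = Registry()
    reg.enroll(CONTROLLER)
    reg.enroll(VICTIM_IMEI)
    attacker_pw = reg.enroll(ATTACKER_IMEI)  # a rogue device can still enrol...
    # ...but its session is bound to its own IMEI, so the victim's topics are out of reach.
    leak = hard_authorize(reg, ATTACKER_IMEI, attacker_pw, "subscribe", status_topic(VICTIM_IMEI))
    rce = hard_authorize(reg, ATTACKER_IMEI, attacker_pw, "publish", cmd_topic(VICTIM_IMEI))
    # Claiming the victim's IMEI without its secret fails at authentication.
    spoof = hard_authorize(reg, VICTIM_IMEI, attacker_pw, "publish", cmd_topic(VICTIM_IMEI))
    return leak, rce or spoof

if __name__ == "__main__":
    print("vulnerable:", attack_vulnerable())
    print("hardened:  ", attack_hardened())
```

In the vulnerable model both attacker goals succeed because the only check is the shared credential; in the hardened model a rogue device can still enrol, but its session can neither read the victim's status topic nor publish to the victim's command topic, and presenting the victim's IMEI without the victim's secret fails before any ACL is consulted. The per-device secret and controller-only command publishing are the added hardening this example proposes; the page does not describe the vendor's actual fix.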