Security vulnerabilities in Telit Cinterion cellular modems have been identified, posing significant risks to sectors such as industrial, healthcare, and telecommunications. Discovered by Kaspersky’s ICS CERT division, these flaws include a critical heap overflow issue, CVE-2023-47610, which received a severity score of 9.8 from NIST. Attackers can exploit these vulnerabilities via specially crafted SMS messages to execute arbitrary code remotely, gaining deep-level access to the modem’s operating system without requiring authentication.
The vulnerabilities were first reported to Telit in February 2023 and publicly disclosed in November. Despite some fixes being issued, several vulnerabilities remain unpatched, leaving many devices at risk. The most severe flaw affects the modem’s Secure User Plane Location (SUPL) message handlers, enabling attackers to manipulate RAM and flash memory, potentially seizing complete control over the modem’s functionalities.
During the OffensiveCon conference in Berlin, researchers will share technical details on how these security issues can be exploited. The SMS interface on these modems, if accessed, allows for significant manipulation and control, especially if operator restrictions are bypassed using fake base stations. Additional vulnerabilities, such as CVE-2023-47611, can compromise Java-based applications on the modems, further threatening data integrity and broader network security.
Given the widespread deployment of these modems and the potential for extensive disruption, Kaspersky recommends working with telecom operators to mitigate threats. Strategies include disabling SMS sending to affected devices and using securely configured private APNs. Enforcing application signature verification and preventing unauthorized physical access are also crucial steps to protect against these vulnerabilities.