The Cisco Talos Threat Analytic and Research Unit has picked up several threats and vulnerabilities in the popularly used industrial cellular gateway IoT. The affected device, called the R1510, was created by a Chinese company called Robustel.
The product is designed to offer high-speed wireless network bandwidth in extreme environments. Over 20 mobile network operators have already approved the devices in Europe, the United States, and Southeast Asia. According to Talos, the vendor managed to identify the vulnerabilities early and has fixed them already. Security updates have been included in version 3.1.16. But Robustel failed to give recommendations or assign CVE identifiers to vulnerabilities. The company said that while it has managed to patch the vulnerabilities, its internal team of security experts launched investigations to determine the cause.
Researchers from Talos discovered a total of 10 vulnerabilities in the R1510 network device. Out of 10, nine vulnerabilities have been described as command injection problems. The issues can easily be exploited to perform arbitrary commands by sending crafted network requests to a targeted device. It is unclear whether the flaws were intentional or were due to a design flaw. The nine flaws have been assigned a “critical” severity rating.
The other vulnerability received a “high severity” rating and is a data removal issue. The vulnerability is exploited through specifically crafted requests to delete or get rid of arbitrary files. Cisco has managed to identify and publish the technical details of every type of vulnerability discovered. A senior manager at Talos Systems Security Research, Mr. Yves Younan, asserted that an attacker requires an administrator account on the gadget to exploit the vulnerabilities.
“In case a cyber attacker has an administrator account on the gadget in question, they can take that advantage to access full control of the device. This will permit them to monitor all the traffic going through the device and launch an attack on other connected devices”, said Younan.
The cyber security expert continued to say that although some devices can be accessed through the internet, exposure to threats depends on how they are deployed. “In case the devices are deployed as 4G routers, they would naturally be behind NAT from a mobile provider, and in this case, exposure will be restricted”, he added.
The device manufacturer has admitted the technical flaws and said that their team noticed the vulnerabilities a few months after it was launched. They assured customers and the public that all the concerns had already been addressed. The company also promised to make public the results of its internal investigations.