“Critical flaws” have been identified in modems deployed in millions of devices worldwide. Cybersecurity firm Kaspersky has issued a report warning companies of severe security vulnerabilities in Cinterion cellular modems.
According to Kaspersky, Cinterion modems are cornerstone components in machine-to-machine (M2M) and Internet of Things (IoT) communications and now offer a back door for all kinds of threat actors. They support various applications, ranging from industrial automation and vehicle telematics to smart metering and healthcare monitoring. Gemalto, the initial developer of the modems, was subsequently acquired by Thales. In 2023, Telit acquired Thales’ cellular IoT products business, including the Cinterion modems.
The vulnerabilities detected in the Cinterion modems enable remote attackers to execute arbitrary code via SMS, granting them unprecedented access to the modem’s operating system. This access could also let them seize complete control over the modem’s functionalities, all without authentication or physical access to the device.
Potential for extensive global disruption
“The vulnerabilities we found, coupled with the widespread deployment of these devices in various sectors, highlight the potential for extensive global disruption. These disturbances range from economic and operational impacts to safety issues. Affected vendors must undertake extensive efforts to manage risks, with mitigation often feasible only on the telecom operators’ side,” says Evgeny Goncharov, head of Kaspersky ICS CERT.
The security flaws highlighted by Kaspersky potentially open doors to more than ransomware gangs. Wherever US critical infrastructure is involved, the gorilla in the room is industrial espionage conducted by potentially hostile foreign powers in an era of increasing geopolitical tensions. The flawed Cinterion modems now represent a critical vulnerability across critical US facilities in sectors such as energy and healthcare.
As we recently reported, the White House has, for example, issued an urgent appeal to all US state governors to prepare for their water systems being attacked and taken down by Chinese cyber-attacks. The White House also reports that hackers affiliated with the Iranian government’s Islamic Revolutionary Guard Corps (IRGC) have already carried out malicious cyberattacks against US critical infrastructure. This followed hard on the heels of an even starker warning, issued at the end of last month by the US Federal Bureau of Investigation (FBI) at the Munich Cyber Security Conference, the security version of Davos, about the threat to life and liberty in the US now posed by China’s ongoing cyber-war.