New Security Release for Ctek SkyRouter

Thursday, September 21, 2017 @ 05:09 PM gHale


Ctek, Inc. issued its latest security release to mitigate an improper authentication vulnerability in its SkyRouter product, according to a report with ICS-CERT.

A wireless and automation solution, SkyRouter Series 4200 and 4400 all versions prior to V6.00.11 suffer from the remotely exploitable vulnerability, discovered by Maxim Rupp.

RELATED STORIES
Digium Asterisk GUI Migration Plan
Update for iniNet’s SCADA Webserver
Saia Burgess Fixes PCD Controllers
Fix is in for mGuard Device Manager

Successful exploitation of this vulnerability may allow an unauthorized user to view and edit settings without authenticating.

No known public exploits specifically target this vulnerability. However, an attacker with low skill level could exploit the vulnerability.

By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the application without authenticating.

CVE-2017-14000 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

The product sees use in the commercial facilities, communications, food and agriculture, transportation systems, and water and wastewater systems sectors. It also sees action on a global basis.

San Pedro, CA-based Ctek reports they have addressed this issue and addressed additional security requirements in their latest security release V6.00.11, which is now available on all models currently in production. These models are identified as Z4500, Z4550, and Z4400.

The update is available via the wireless device’s Tool and Utilities Section, which provides an Over-The-Air Firmware update mechanism. Ctek said due to industry demand, wireless carriers are rapidly eliminating 2G and 3G CDMA service and they will not be creating any additional update releases for those products.

Ctek said they are now selling a 4G version of the SkyRouter which they confirm the latest firmware release in this product does address the issues reported in the 3G device. They no longer sell the 2G/3G version of the SkyRouter on which the vulnerability was originally reported.



Leave a Reply

You must be logged in to post a comment.