Sierra Wireless Mitigates Vulnerabilities

Tuesday, April 25, 2017 @ 04:04 PM gHale


Sierra Wireless released new firmware to mitigate multiple vulnerabilities in its AirLink Raven XE and XT products, according to a report with ICS-CERT.

This is an update to a report released last June for Sierra Wireless’ improper authorization, cross-site request forgery, and insufficiently protected credentials vulnerabilities.

RELATED STORIES
BLF-Tech LLC VisualView HMI
Update to ‘BrickerBot’ Attack
Belden Updates Fixes for GECKO
Wecon Mitigates HMI Editor Holes

The following Sierra Wireless gateways suffer from the remotely exploitable vulnerabilities:
• AirLink Raven XE, all versions prior to 4.0.14
• AirLink Raven XT, all versions prior to 4.0.11

Successful exploitation of these vulnerabilities may allow a remote attacker to perform unauthorized sensitive functions compromising the confidentiality, integrity, and availability of the affected system.

Independent researcher Karn Ganeshen identified and publicly released vulnerabilities in the Sierra Wireless AirLink Raven XE and XT Gateways prior to coordinating with ICS-CERT; however, the researcher did initially coordinate the identified vulnerabilities with the vendor.

In one vulnerability, several files and directories can end up accessed without authentication, which may allow a remote attacker to perform sensitive functions including arbitrary file upload, file download, and device reboot.

CVE-2017-6044 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 10.0.

In the cross-site request forgery vulnerability, affected devices do not verify if a request was intentionally sent by the logged-in user, which may allow an attacker to trick a client into making an unintentional request to the web server that will end up treated as an authentic request.

CVE-2017-6042 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.8.

Sensitive information is insufficiently protected during transmission and vulnerable to sniffing, which could lead to information disclosure.

CVE-2017-6046 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.3.

The products see use mainly in the critical manufacturing and energy sectors. The products also see action on a global basis.

Richmond, British Columbia, Canada-based Sierra Wireless released new firmware versions to address the forced browsing and cross-site request forgery vulnerabilities. Sierra Wireless reports that the insufficiently protected credentials vulnerability will not be addressed.

Click here for Sierra Wireless’s Raven XE firmware Version 4.0.14.

Click here for Sierra Wireless’s Raven XT firmware Version 4.0.11.

Click here for Sierra Wireless’ Technical Bulletin.

For additional information about these vulnerabilities or the recommendations provided, email Sierra Wireless’ security team.



Leave a Reply

You must be logged in to post a comment.