Researchers Warn of Flaw Affecting Millions of IoT Devices
#1
Information 
Quote:A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manufacturers to update their devices ASAP.
 
Researchers are urging connected-device manufacturers to ensure they have applied patches addressing a flaw in a module used by millions of Internet-of-Things (IoT) devices. If exploited, researchers speculated that the flaw could allow attackers to knock out a city’s electricity or even overdose a medical patient.
 
The vulnerability exists in a widely used Cinterion module, a small electronic device embedded in IoT devices that connects to wireless networks and sends and receives data. The module is manufactured by Thales, a French company that designs and builds electrical systems for aerospace markets.
 
Researchers discovered the flaw in Cinterion’s EHS8 module – however, further testing revealed that five other models in the same product line were also affected (BGS5, EHS5/6/8, PDS5/6/8, ELS61, ELS81, PLS62). The flaw could be exploited to steal confidential information, take control of devices, gain access to control networks and more.
 
“[The modules] store and run Java code, often containing confidential information like passwords, encryption keys and certificates,” said Adam Laurie, with IBM X-Force Threat Intelligence, in a Wednesday post. “Using information stolen from the modules, malicious actors can potentially control a device or gain access to the central control network to conduct widespread attacks – even remotely via 3G in some cases.”

Read more: https://threatpost.com/flaw-affecting-mi...es/158472/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AMD prepares Linux support for new Low P...
AMD Linux patch ad...harlan4096 — 07:16
Opera 149.0.7827.197
Dear Opera Users! ...harlan4096 — 07:14
Privazer 4.0.124.1 (28 June 2026)
v4.0.124.1 (28 Jun...harlan4096 — 07:13
GlassWire 3.9.1102 - (June 29, 2026)
Version 3.9.1102 -...harlan4096 — 07:12
AMD Radeon Software Adrenalin 26.6.4 dri...
AMD Radeon Software...harlan4096 — 07:10

[-]
Birthdays
Today's Birthdays
avatar (43)uapedDow
avatar (47)suiscced
avatar (48)Angarpaf
avatar (41)clarissalo60
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (41)optsaZes
avatar (40)RaymondViata
avatar (40)ywixazok
avatar (38)ixoqe
avatar (56)Step 1
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>