ClickCease Teltonika networks’ IIoT products vulnerable to remote attacks

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Teltonika networks’ IIoT products vulnerable to remote attacks

May 30, 2023 - TuxCare PR Team

Claroty and Otorio have discovered severe flaws in Teltonika Networks’ Industrial Internet of Things (IIoT) devices, posing a substantial danger to operational technology (OT) networks.

The investigation uncovered eight flaws in Teltonika’s widely used networking technologies, exposing thousands of internet-connected devices globally. Versions previous to 4.10.0 of Remote Management System (RMS) are vulnerable to CVE-2023-32346, CVE-2023-32347, CVE-2023-32348, CVE-2023-2587, and CVE-2023-2588. Versions previous to 4.14.0 of the Remote Management System (RMS) are vulnerable to CVE-2023-2586. Versions 00.07.00 through of the RUT model routers are susceptible to CVE-2023-32349. Versions 00.07.00 to 00.07.03 of RUT model routers (vulnerable to CVE-2023-32350)

The collaborative investigation uncovered a number of attack paths that took use of flaws in internet-exposed services, cloud account takeover, and cloud infrastructure vulnerabilities. Attackers can monitor network traffic, access confidential data, hijack internet connections, and undermine internal services if these holes are successfully exploited. Attackers can also use device manipulation to change router settings, taking control of networked devices and launching more assaults on other networks.

It concentrated on Teltonika’s RUT241 and RUT955 cellular routers, as well as the company’s Remote Management System (RMS). Remote monitoring, control, sophisticated device management capabilities, software upgrades, GPS tracking, and data visualization are all accessible with the flexible Teltonika RMS, which is available in both cloud-based and on-premises configurations.

Recognizing the gravity of the flaws, the US Cybersecurity and Infrastructure Security Agency (CISA) published an alert underlining the potential consequences. CISA said that the holes might disclose sensitive device information and passwords, allow remote code execution, reveal network-connected devices, and allow genuine devices to be impersonated.

Teltonika quickly responded to the discovered vulnerabilities by issuing updates for the impacted products. It responded quickly to security problems in both the RUT routers and the RMS platform. Among the vulnerabilities and updates are those affecting various versions of the Remote Management System (RMS) and RUT type routers.

Users of Teltonika Networks’ IIoT products are strongly encouraged to upgrade their devices with the published patches and ensure they are running the latest firmware versions to prevent these risks. Furthermore, enterprises should adhere to best practices for safeguarding their OT networks, such as network segmentation, frequent vulnerability assessments, and tight access restrictions.

The sources for this piece include an article in SecurityAffairs.

Teltonika networks’ IIoT products vulnerable to remote attacks
Article Name
Teltonika networks’ IIoT products vulnerable to remote attacks
Claroty and Otorio have discovered severe flaws in Teltonika Networks' Industrial Internet of Things (IIoT) devices.
Publisher Name
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Become a TuxCare Guest Writer

Get started




Linux & Open Source

Subscribe to
our newsletter