Teltonika Networks’ IIoT products vulnerable to remote attacks
Claroty and Otorio have discovered severe flaws in Teltonika Networks’ Industrial Internet of Things (IIoT) devices, posing a substantial danger to operational technology (OT) networks.
The investigation uncovered eight flaws in Teltonika’s widely used networking technologies, exposing thousands of internet-connected devices globally. Remote Management System (RMS) versions prior to 4.10.0 are vulnerable to CVE-2023-32346, CVE-2023-32347, CVE-2023-32348, CVE-2023-2587, and CVE-2023-2588, and RMS versions prior to 4.14.0 are vulnerable to CVE-2023-2586. RUT model routers running versions 00.07.00 through 00.07.03.4 are vulnerable to CVE-2023-32349, and those running versions 00.07.00 to 00.07.03 are vulnerable to CVE-2023-32350.
The collaborative investigation uncovered a number of attack paths that made use of flaws in internet-exposed services, cloud account takeover, and cloud infrastructure vulnerabilities. If these flaws are successfully exploited, attackers can monitor network traffic, access confidential data, hijack internet connections, and undermine internal services. Attackers can also manipulate devices to change router settings, take control of networked devices, and launch further attacks on other networks.
The research concentrated on Teltonika’s RUT241 and RUT955 cellular routers, as well as the company’s Remote Management System (RMS). Teltonika RMS is a flexible platform, available in both cloud-based and on-premises configurations, that provides remote monitoring and control, sophisticated device management capabilities, software upgrades, GPS tracking, and data visualization.
Recognizing the gravity of the flaws, the US Cybersecurity and Infrastructure Security Agency (CISA) published an alert underlining the potential consequences. CISA said that the flaws might disclose sensitive device information and passwords, allow remote code execution, reveal network-connected devices, and allow genuine devices to be impersonated.
Teltonika responded quickly to the discovered vulnerabilities by issuing updates for the impacted products, covering both the RUT routers and the RMS platform. The updates address the affected versions of the Remote Management System (RMS) and the RUT model routers.
Users of Teltonika Networks’ IIoT products are strongly encouraged to upgrade their devices with the published patches and ensure they are running the latest firmware versions to prevent these risks. Furthermore, enterprises should adhere to best practices for safeguarding their OT networks, such as network segmentation, frequent vulnerability assessments, and tight access restrictions.
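To check an inventory against the version ranges listed above, the following added example (not from Claroty, Otorio, Teltonika or CISA) maps a version string to the CVEs the article names for it. The product labels `rms` and `rut`, the inventory entries, and the reading of "00.07.00 to 00.07.03" as an inclusive range are assumptions; input is the dotted numeric version only.

```python
# Added example: match versions against the ranges quoted in this article.
# Compares numerically per segment, so 4.9.2 < 4.10.0 and 00.07.03 == 00.07.03.0.

def parse(version):
    """'00.07.03.4' -> (0, 7, 3, 4)."""
    return tuple(int(part) for part in version.strip().split("."))

def less(a, b):
    """True if version a is strictly older than version b."""
    a, b = parse(a), parse(b)
    width = max(len(a), len(b))
    # Right-pad with zeros: without this, (0,7,3) < (0,7,3,0) would be True.
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b

# (product, lowest affected or None, upper bound, upper bound inclusive?, CVEs)
AFFECTED = [
    ("rms", None, "4.10.0", False, ["CVE-2023-32346", "CVE-2023-32347",
                                    "CVE-2023-32348", "CVE-2023-2587",
                                    "CVE-2023-2588"]),
    ("rms", None, "4.14.0", False, ["CVE-2023-2586"]),
    ("rut", "00.07.00", "00.07.03.4", True, ["CVE-2023-32349"]),
    ("rut", "00.07.00", "00.07.03", True, ["CVE-2023-32350"]),  # inclusive: assumption
]

def cves_for(product, version):
    """Return the CVEs from the article that apply to this product version."""
    hits = []
    for prod, low, high, inclusive, cves in AFFECTED:
        if prod != product:
            continue
        if low is not None and less(version, low):
            continue  # older than the first affected release
        past_range = less(high, version) if inclusive else not less(version, high)
        if not past_range:
            hits.extend(cves)
    return hits

def audit(inventory):
    """inventory: {name: (product, version)} -> {name: [CVEs]} for affected entries."""
    report = {name: cves_for(p, v) for name, (p, v) in inventory.items()}
    return {name: cves for name, cves in report.items() if cves}

if __name__ == "__main__":
    # Constructed inventory for illustration only.
    sample = {"pump-station-1": ("rut", "00.07.03.4"),
              "rms-onprem": ("rms", "4.9.2"),
              "depot-gw": ("rut", "00.07.04")}
    for name, cves in audit(sample).items():
        print(name, ", ".join(cves))
```

A router on 00.07.03.4 falls inside the CVE-2023-32349 range but outside the CVE-2023-32350 range, which a plain string comparison or a three-segment parser would get wrong.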
The sources for this piece include an article in SecurityAffairs.