Researchers detail bug in wireless devices impacting critical sectors


Level 69
Content Creator
Malware Hunter
Aug 17, 2014
A vulnerability affecting components used in millions of critical connected devices in the automotive, energy, telecom, and medical sector could let hackers hijack the device or access the internal network.

In some cases, the flaw is remotely exploitable over 3G. Researchers found it in the Cinterion EHS8 M2M module from Thales (formerly from Gemalto, acquired by Thales in 2019) but the vendor also confirmed it in BGS5, EHS5/6/8, PDS5/6/8, ELS61, ELS81, PLS62.

Over 30,000 companies use products from Thales, which connects more than 3 billion things worldwide every year.

Researchers at X-Force Red, IBM’s independent team of veteran hackers, discovered a method to bypass security checks protecting the files and operational code in the EHS8 module.

“Think of this module as the equivalent of a trustworthy digital lockbox, where companies can securely store a range of secrets such as passwords, credentials and operational code. This vulnerability undermines that function by allowing attackers to steal organizational secrets” IBM X-Force Red

A technical report from X-Force Red today explains that EHS8 and the other products in its line have a microprocessor with an embedded Java ME interpreter, flash storage, and interfaces for GSM, GPIO, ADC, Digital and Analogue Audio, GPS, I2C, SPI, and USB. [...]