A serious vulnerability in the firmware of InHand Networks' InRouter industrial routers threatens robots, electricity meters, medical and other Internet of Things devices.
Researchers have discovered a critical vulnerability CVE-2023-22598 with a score of 10 out of 10 in the InRouter firmware, which makes thousands of wireless IoT devices vulnerable to remote code execution.
The problem was reported by specialists from OTORIO, who specialize in the security of OT environments, and almost immediately CISA also issued its warning about vulnerabilities in InHand Networks routers.
In total, the OTORIO team reported five vulnerabilities in the InHand Networks cloud management platform and InRouter firmware.
Bugs allow attackers to bypass NAT and traditional security levels, as well as remotely execute unauthorized code on behalf of the root user on devices connected to the cloud.
According to the CISA warning, the CVE-2023-22598 error affects the InRouter302 models (all versions up to IR302 V3.5.56) and InRouter615 (all versions up to InRouter6XX-S-V2.3.0.r5542), which pose a threat to the transmission of confidential information in plain text, the introduction of OS commands, the use of a one-way hash with predictable salt and bypass access control.
By default, vulnerable products use an unsecured channel to communicate with a cloud platform, where an unauthorized user can intercept messages and steal confidential information. For example, configuration information and MQTT credentials.
In the capable hands of an attacker, these bugs can allow you to completely take control of any device managed by the InHand Networks cloud.
OTORIO experts warn that the identified errors pose a serious threat.
The fact is that InRouters are used in many different systems from, including industrial robots, drilling rigs, elevators, medical devices, charging stations for electric vehicles, smart meters, etc.