-
IoT Knowledge Base
Learn the key concepts you need to know. Without the technical jargon.
-
IoT Reports & Guides
In-depth research, white-papers and guides from Pelion.
-
Blog Articles & News
The latest insights on industry trends, best practices, and Pelion announcements.
-
Events & Webinars
Upcoming events, online sessions, and expert-led webinars
-
About Us
Our mission, values, team, and the solutions we offer in the IoT space.
-
The Team
Meet our team behind Pelion's effortless connectivity.
-
Careers
Job opportunities, company culture, and the benefits of joining our team.
-
Sustainability
Our commitment to environmentally responsible practices.
-
Contact Us
- Blog Articles & News
- 21 Vulnerabilities Affecting Sierra Wireless Routers, TinyXML and OpenDNS Services identified
21 Vulnerabilities Affecting Sierra Wireless Routers, TinyXML and OpenDNS Services identified
December 11, 2023 — 2 min read
A set of 21 vulnerabilities collectively known as "Sierra:21" has been identified, impacting Sierra OT/IoT routers and posing threats to critical infrastructure.
The vulnerabilities were discovered by Forescout Vedere Labs and affect Sierra Wireless AirLink cellular routers, as well as open-source components like TinyXML and OpenNDS (open Network Demarcation Service).
Sierra AirLink routers are widely used in industrial and mission-critical applications for their high-performance 3G/4G/5G and WiFi capabilities, serving applications such as passenger WiFi in transit systems, vehicle connectivity for emergency services, and more.
In his blog article posted on www.bleepingcompter.com, author, Bill Toulas explains the vulnerabilities as posing risks such as remote code execution, unauthorised access, cross-site scripting, authentication bypass, and denial-of-service attacks. Notably, the flaws could potentially allow an attacker to take full control of an OT/IoT router in critical infrastructure, leading to network disruption, espionage, lateral movement to more important assets, and malware deployment.
Forescout's researchers found over 86,000 AirLink routers exposed online in critical organisations worldwide, particularly in the United States, Canada, Australia, France, and Thailand. The majority of these systems are in the U.S.
Forescout recommends upgrading to the ALEOS (AirLink Embedded Operating System) version 4.17.0 or, at a minimum, ALEOS 4.9.9 to address all vulnerabilities. The OpenNDS project has also released security updates for the vulnerabilities affecting the open-source project.
Administrators are advised to take additional actions for enhanced protection, including changing default SSL certificates, disabling or restricting non-essential services, implementing a web application firewall, and installing an OT/IoT-aware IDS to monitor network traffic for security breaches. Forescout emphasizes that routers and network infrastructure are increasingly targeted by threat actors for persistence and espionage purposes, using devices for proxying malicious traffic or expanding botnets.