Airlink router
Image: Sierra Wireless

Researchers discover dozens of new bugs affecting Sierra Wireless routers

Researchers have discovered more than 20 security flaws affecting routers manufactured by the Canadian communications equipment vendor Sierra Wireless.

The company’s AirLink cellular routers are often used in critical infrastructure sectors, such as government and commercial facilities, emergency services, energy, transportation, water and healthcare. These routers connect critical local networks to the internet via cellular connections such as 3G and 4G.

In a report published on Tuesday, California-based cybersecurity firm Forescout Vedere Labs said it found more than 86,000 of these routers exposed online. Most of them are used in the U.S., Canada, Australia, France, and Thailand.

Among 21 new vulnerabilities discovered by researchers, one has a critical severity score and nine have a high severity score. Industries like manufacturing and healthcare are among the most affected, researchers said.

In addition to routers, the researchers also found vulnerabilities in open-source components used in a variety of other products. For example, one critical flaw tracked as CVE-2023-41101 was found in OpenNDS — a service that separates the public local area network (LAN) from the internet.

According to researchers, potential attackers could exploit the newly identified vulnerabilities to gain complete control over routers in critical infrastructure, allowing them to disrupt the network, spy on their victims, or deploy additional malware.

For instance, in a healthcare facility, attackers could take control of a router to target devices belonging to patients, guests, or staff, thereby distributing further malware. Similarly, in the manufacturing industry, attackers could seize control of a router within a plant to launch attacks on industrial equipment.

In addition to human attackers, these vulnerabilities can be exploited by botnets — groups of devices used by hackers to send spam emails, spread malware, or launch cyberattacks. Previous botnets, such as IoTroop/Reaper, have targeted exposed Sierra Wireless routers using default or stolen passwords and zero-day vulnerabilities.

The researchers didn't mention whether the vulnerabilities have been exploited in the wild. Sierra Wireless, which did not respond to requests for comment, has released an update to address the new vulnerabilities.

The OpenNDS project has also already released an update that contains fixes for all reported vulnerabilities.

Security flaws in routers and network infrastructure have been among the most exploited types of bugs recently, according to Forescout Vedere Labs. State-sponsored actors have been developing custom malware to use routers for espionage, while cybercriminals often use them to form botnets.

In April of this year, for example, U.S. technology giant Cisco warned about attacks on routers allegedly being carried out by Russian military hackers to target victims in Europe, U.S. government institutions and approximately 250 Ukrainian victims.


Daryna Antoniuk

Daryna Antoniuk is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.