
CISA Adds Sierra Router Vulnerability to KEV Catalogue Following Active Exploitation

CISA has added a critical vulnerability affecting Sierra Wireless routers to its Known Exploited Vulnerabilities (KEV) catalog.

This decision comes after evidence emerged that the flaw is being actively exploited in the wild, posing significant risks to organizations that still use these legacy devices.

Federal agencies and private organizations are now urged to take immediate action to secure their networks against this specific threat.

The vulnerability, tracked as CVE-2018-4063, impacts the Sierra Wireless AirLink ALEOS operating system. It is described as an “Unrestricted Upload of File with Dangerous Type” flaw.

CVE ID: CVE-2018-4063
Description: Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability.
Vulnerability Name: Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability
Related CWE: CWE-434

Security researchers have determined that the issue allows an authenticated attacker to exploit the web server. By sending a specially crafted HTTP request, a threat actor can upload malicious files directly to the device.

Once a malicious file is uploaded, it can result in the execution of arbitrary code on the web server. This Remote Code Execution (RCE) capability effectively gives attackers control over the compromised router.

Although the vulnerability requires authentication to trigger, attackers often exploit it in combination with weak or default credentials to gain initial access.

The severity of this flaw is compounded by the fact that it allows for persistent access and potential lateral movement within a network.

End-of-Life Risks and Mitigation

A critical aspect of this alert is the status of the impacted hardware. CISA has noted that the affected Sierra Wireless AirLink products may be End-of-Life (EoL) or End-of-Service (EoS).

This means the vendor is likely no longer releasing security updates or patches for these devices. Consequently, the standard advice to “patch immediately” is not applicable here. Instead, CISA strongly advises users to discontinue using these products.

Continued use of EoL hardware leaves networks exposed to known exploits that cannot be remediated through software updates.

Federal Civilian Executive Branch (FCEB) agencies have been given a strict deadline to remove these devices from their infrastructure to comply with Binding Operational Directive (BOD) 22-01.
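
For defenders acting on this guidance, the following added example (not from the original article or from CISA) matches an asset inventory against KEV entries and separates devices that can no longer be patched from those that can. It assumes the field names of CISA's KEV JSON feed; the inventory, hostnames, `vendor_supported` flag and both dates are constructed placeholders.

```python
import json
from datetime import date

# Constructed sample in the layout of CISA's KEV JSON feed. The CVE, product,
# name and CWE come from the article; both dates are placeholders, not real.
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2018-4063",
   "vendorProject": "Sierra Wireless",
   "product": "AirLink ALEOS",
   "vulnerabilityName": "Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability",
   "dateAdded": "2099-01-01",
   "dueDate": "2099-01-22",
   "cwes": ["CWE-434"]}
]}
""")

# Constructed asset inventory; hosts and the vendor_supported flag are hypothetical.
INVENTORY = [
    {"host": "gw-site-a", "vendor": "Sierra Wireless", "os": "AirLink ALEOS", "vendor_supported": False},
    {"host": "gw-site-b", "vendor": "sierra wireless", "os": "airlink aleos", "vendor_supported": True},
    {"host": "core-sw-1", "vendor": "ExampleNet", "os": "ExampleOS", "vendor_supported": True},
]

def _norm(s):
    """Lower-case and collapse whitespace so inventory spelling variants still match."""
    return " ".join(s.lower().split())

def kev_findings(inventory, kev, today):
    """Return one finding per (asset, KEV entry) match, unpatchable devices first."""
    findings = []
    for asset in inventory:
        for v in kev["vulnerabilities"]:
            if (_norm(asset["vendor"]) == _norm(v["vendorProject"])
                    and _norm(v["product"]) in _norm(asset["os"])):
                due = date.fromisoformat(v["dueDate"])
                findings.append({
                    "host": asset["host"],
                    "cve": v["cveID"],
                    "days_left": (due - today).days,
                    # EoL/EoS gear gets no vendor fixes: plan removal, not patching.
                    "action": "patch or mitigate" if asset["vendor_supported"] else "replace device",
                })
    return sorted(findings, key=lambda f: (f["action"] != "replace device", f["days_left"]))

if __name__ == "__main__":
    for finding in kev_findings(INVENTORY, KEV_SAMPLE, date(2099, 1, 15)):
        print(finding)
```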


The post CISA Adds Sierra Router Vulnerability to KEV Catalogue Following Active Exploitation appeared first on Cyber Security News.
