"Organizations Warned of Critical Vulnerabilities in NetModule Routers"
Security researchers at Flashpoint are warning organizations of two newly identified critical vulnerabilities in NetModule Router Software (NRSW) that could be exploited in attacks. Acquired by Belden earlier this year, NetModule provides IIoT and industrial routers, vehicle routers, and other types of wireless M2M connectivity products. The researchers noted that all of NetModule’s routers run the Linux-based NRSW by default and can be managed remotely using a remote management platform. According to the researchers, remote attackers could exploit the two critical flaws in NetModule’s router software to access administrative functionality. The researchers noted that the security issues were found in code that NetModule removed from NRSW in 2018, but hundreds of devices are still running the older platform versions and can be accessed from the internet. The researchers have not shared technical details on the discovered vulnerabilities but warn that the continued use of the vulnerable devices exposes organizations to potential exploitation attempts. The researchers notified NetModule of these vulnerabilities and encouraged the vendor to inform customers of their existence, even if they do not impact newer device models. At the time of this publishing, NetModule clients using vulnerable versions of NRSW have no knowledge of these critical vulnerabilities affecting their devices. NetModule has stated that they have no plans of releasing a security advisory, citing an internal policy of only addressing supported releases. Furthermore, the company stated that they have already published discontinuation notices and continuously asked customers to keep devices up-to-date. The researchers said that using end-of-life products is by default a poor security practice, especially considering the widespread exploitation of older vulnerabilities by both advanced persistent threat (APT) actors and cybercriminals. Still, the researchers stated that vendors should always inform users of potential vulnerabilities in their products.
SecurityWeek reports: "Organizations Warned of Critical Vulnerabilities in NetModule Routers"