Sierra Wireless AirLink Raven X EV-DO Vulnerabilities (Update B)
Low RiskICS-CERT ICSA-14-007-01BOct 10, 2014
Summary
Sierra Wireless AirLink Raven X EV-DO devices contain vulnerabilities related to insufficient encryption (CWE-311) and missing authentication (CWE-294). These vulnerabilities affect firmware versions 4.0.11.003 for both the 4221 and 4228 models. No firmware patch is available from the vendor.
What this means
What could happen
An attacker with network access to the AirLink Raven X EV-DO could intercept unencrypted communications or bypass authentication controls, potentially gaining unauthorized access to the device and the industrial systems it connects.
Who's at risk
Water utilities, electric utilities, and other critical infrastructure operators using Sierra Wireless AirLink Raven X EV-DO cellular gateways for remote monitoring and SCADA communications should evaluate their exposure. These devices are commonly used in distributed industrial sites for telemetry and control system connectivity.
How it could be exploited
An attacker on the same network as the AirLink Raven X EV-DO could capture unencrypted traffic (CWE-311) or exploit missing or improperly implemented authentication (CWE-294) to access the device's management functions or data streams without valid credentials.
Prerequisites
- Network access to the AirLink Raven X EV-DO device or its data traffic
- The device must be configured to use unencrypted communications or weak authentication
No patch availableWeak or missing authentication (CWE-294)Unencrypted communications (CWE-311)Affects legacy/end-of-life device
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
ProductAffected VersionsFix Status
AirLink Raven X EV-DO: 4221_4.0.11.003|4228_4.0.11.0034221 4.0.11.003|4228 4.0.11.003No fix (EOL)
Remediation & Mitigation
0/4
Do now
0/2HARDENINGImplement network segmentation to isolate AirLink Raven X EV-DO devices from untrusted networks and limit access to only necessary systems
WORKAROUNDConfigure firewall rules to restrict inbound access to the device's management ports
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HARDENINGMonitor and log all connections to AirLink Raven X EV-DO devices to detect unauthorized access attempts
Mitigations - no patch available
0/1AirLink Raven X EV-DO: 4221_4.0.11.003|4228_4.0.11.003 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGEvaluate replacement or migration of AirLink Raven X EV-DO devices to supported products with security patches
CVEs (2)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/3a503e2a-ee6d-4636-8421-524f2805097c