Adcon Telemetry A840 Vulnerabilities

Plan PatchCVSS 10ICS-CERT ICSA-15-349-01Sep 17, 2015

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

The Adcon A840 Telemetry Gateway Base Station contains multiple critical vulnerabilities: CWE-798 (hardcoded credentials), CWE-287 (broken authentication), CWE-319 (cleartext transmission), and CWE-200 (information exposure). The device ships with default credentials that cannot be changed and uses unencrypted communication protocols. These allow unauthenticated remote attackers to retrieve sensitive information, impersonate legitimate telemetry connections, and potentially send unauthorized commands to monitored sites. All versions are affected. The A840 is end-of-life and no vendor patch is available.

What this means

What could happen

An attacker with network access could use default credentials to authenticate to the A840 gateway, then intercept unencrypted communications or hardcoded credentials to gain unauthorized access to the telemetry network, potentially allowing them to read sensor data or send false commands to monitored sites.

Who's at risk

Water utilities and municipal electric utilities operating Adcon A840 telemetry gateway base stations for remote monitoring of SCADA-connected sites (reservoirs, pump stations, substations, weather stations) should implement compensating controls immediately. The A840 is commonly used in legacy telemetry networks across North America.

How it could be exploited

An attacker on the network sends an authentication request to the A840 gateway using published default credentials. Once authenticated, the attacker can read hardcoded credentials stored in the device configuration or intercept plaintext communications to downstream telemetry devices, gaining access to the monitoring and control functions of the water or utility infrastructure.

Prerequisites

Network access to the A840 gateway management interface or communication ports
Knowledge of default credentials (documented in product materials or publicly disclosed)
No requirement for valid engineering credentials; default credentials are pre-set by the vendor

Remotely exploitableNo authentication required (default credentials)Low complexity attackNo patch availableHardcoded credentialsUnencrypted communicationsDefault passwordsEnd-of-life product

Exploitability

Some exploitation risk — EPSS score 1.0%

Affected products (1)

ProductAffected VersionsFix Status

A840 Telemetry Gateway Base Station: vers:all/*All versionsNo fix (EOL)

Remediation & Mitigation

0/5

Do now

0/3

HARDENINGNetwork segmentation: Place the A840 gateway on an isolated network segment accessible only to authorized personnel. Restrict inbound network access to management ports using firewall rules based on source IP and port.

WORKAROUNDChange all default credentials on the A840 gateway immediately. Set strong, unique passwords for all administrative accounts and disable any unnecessary service accounts.

HARDENINGImplement network monitoring and logging of all communications to and from the A840 gateway. Log all authentication attempts and configuration changes for forensic review.

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGDisable unnecessary remote access protocols (SSH, Telnet, HTTP) if not required for operations. Use encrypted management channels only (HTTPS or SSH with key-based authentication).

Mitigations - no patch available

0/1

A840 Telemetry Gateway Base Station: vers:all/* has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGEvaluate migration to a newer telemetry gateway product from Adcon or an alternative vendor that supports modern security practices, as A840 is end-of-life and will not receive vendor security updates.

CVEs (4)

CVE-2015-7930 CVE-2015-7932 CVE-2015-7934 CVE-2015-7931

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/950df288-6a0f-476e-acfe-d0ee10700640

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.