OTPulse
FeedAboutContact

Delta 4G Router DX-3021

Act Now7.2ICS-CERT ICSA-22-354-05Dec 20, 2022
Attack VectorNetwork
Auth RequiredHigh
ComplexityLow
User InteractionNone needed
Summary

Delta 4G Router DX-3021L9 (firmware version before 1.24) contains a file manipulation vulnerability that allows an authenticated administrative user to add, delete, or change permissions on files stored on the router. This could compromise router configuration integrity, disable security features, or disrupt communications with remote monitoring assets. The vulnerability is remotely accessible with low attack complexity. Delta has released a patched firmware version addressing this issue.

What this means
What could happen
An attacker with high-level administrative credentials could add, delete, or modify files on the 4G router, potentially disrupting communications with remote field devices, sensor data integrity, or failover systems at your water or electric utility.
Who's at risk
Water authorities and electric utilities that use Delta 4G Router DX-3021L9 for remote monitoring or communications with field devices (RTUs, PLCs, SCADA terminals, or remote pump/generator stations) are affected. Organizations relying on this router for backup connectivity or IoT sensor networks should prioritize this.
How it could be exploited
An attacker with valid administrative credentials could send commands over the network to the DX-3021L9 router to manipulate the file system. This could alter router configuration, disable security controls, or corrupt operational data flowing to or from remote assets.
Prerequisites
  • Valid administrative credentials for the router
  • Network access to the DX-3021L9 router management interface
  • Knowledge of administrative account username and password
Remotely exploitableLow attack complexityHigh EPSS score (34%)Affects network communications infrastructureAdministrative credentials required but may be weak or default
Exploitability
High exploit probability (EPSS 34.0%)
Affected products (1)
ProductAffected VersionsFix Status
4G Router DX-3021: DX-3021L9< 1.24No fix yet
Remediation & Mitigation
0/4
Do now
0/1
WORKAROUNDRestrict network access to the DX-3021L9 management interface to authorized administrative workstations only using firewall rules
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXContact Delta Electronics to obtain and deploy the patched firmware version for DX-3021L9
Long-term hardening
0/2
HARDENINGIsolate the 4G router from the business network and the internet; place it on a segregated OT network with limited ingress/egress
HARDENINGIf remote management is required, use a VPN with strong authentication and keep VPN software updated
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/b0f78cbc-c2a9-4cba-9aee-432465f37ac0
Delta 4G Router DX-3021 | CVSS 7.2 - OTPulse