IOSIX IO-1020 Micro ELD

Plan Patch9.6ICS-CERT ICSA-24-093-01Apr 2, 2024

Attack VectorAdjacent

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

The IOSIX IO-1020 Micro ELD contains vulnerabilities (CWE-1392, CWE-494) that allow an adjacent attacker with physical access to the vehicle's network to take control of the device and modify vehicle systems without authentication. Successful exploitation could result in unauthorized modification of vehicle operational parameters and safety systems. The vulnerability is not remotely exploitable and requires direct physical connection to the device.

What this means

What could happen

An attacker with physical access to the vehicle's network could take control of the IO-1020 Micro ELD and modify vehicle systems, potentially disabling safety features or altering operational parameters.

Who's at risk

Fleet operators and transportation companies using IOSIX IO-1020 Micro ELD devices should care about this vulnerability. The device is commonly used in commercial vehicles for electronic logging and compliance tracking. Affected equipment includes any vehicle equipped with an IO-1020 Micro ELD device running firmware versions earlier than 360.

How it could be exploited

An attacker must be physically adjacent to the vehicle and connect directly to the device's network interface. Once connected, they can send commands to the IO-1020 without authentication to modify the device's configuration or inject malicious firmware, gaining control over vehicle systems that depend on the ELD.

Prerequisites

Physical proximity to the vehicle
Direct network access to IO-1020 device (e.g., OBD-II port or vehicle network interface)
No valid credentials required

No authentication requiredLow attack complexityNo patch available for older firmware versions until version 360 releaseAffects vehicle operational safety and control systemsPhysical access required but relatively easy to achieve

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (1)

ProductAffected VersionsFix Status

IO-1020 Micro ELD: <360<360360

Remediation & Mitigation

0/4

Do now

0/1

HARDENINGPhysically secure vehicle access points (OBD-II port, network connectors) to prevent unauthorized device connections

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate IO-1020 Micro ELD firmware to version 360 or later

Long-term hardening

0/2

HARDENINGMinimize network exposure by ensuring IO-1020 devices are not accessible from external networks or the internet

HARDENINGImplement physical security controls such as vehicle locks, parking in secure facilities, and driver training to prevent unauthorized access to vehicle internals

CVEs (3)

CVE-2024-30210 CVE-2024-31069 CVE-2024-28878

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/8fda30a6-7243-4126-982c-9d4834310154