Atelmo Atemio AM 520 HD Full HD Satellite Receiver

Act Now9.8ICS-CERT ICSA-24-270-03Sep 26, 2024

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

The Atelmo Atemio AM 520 HD satellite receiver contains an OS command injection vulnerability (CWE-78) that allows an unauthorized attacker to execute system commands with elevated privileges via the network without authentication. The product is version TitanNit_2.01 and earlier. The vendor has discontinued the product with no service or support available.

What this means

What could happen

An attacker could remotely execute commands on the satellite receiver with elevated privileges, potentially allowing control or shutdown of the device and any dependent broadcast or signal distribution infrastructure.

Who's at risk

Satellite broadcast and signal distribution operators using the Atelmo Atemio AM 520 HD receiver for content delivery or regional broadcast distribution. This includes cable providers, municipal broadcasters, and private satellite communication operators.

How it could be exploited

An attacker with network access to the device can send a specially crafted request to inject OS commands through an unsanitized input parameter. The commands execute with elevated privileges, giving the attacker full control over the receiver's operation and configuration.

Prerequisites

Network access to the Atelmo Atemio AM 520 HD receiver on port(s) where the vulnerable interface listens
No authentication required

remotely exploitableno authentication requiredlow complexityno patch availableend-of-life product

Exploitability

Moderate exploit probability (EPSS 3.7%)

Affected products (1)

ProductAffected VersionsFix Status

Atemio AM 520 HD: <=TitanNit_2.01≤ TitanNit 2.01No fix yet

Remediation & Mitigation

0/5

Do now

0/2

WORKAROUNDIf the device is still in operation, disconnect it from the network or restrict network access using network-based controls (firewall rules, air-gapping) to permit only trusted administrative access

HARDENINGIsolate the satellite receiver behind a firewall; do not expose it directly to the internet or untrusted networks

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HARDENINGIf remote access is required for management, implement a VPN with current security patches and strong authentication; avoid direct remote access to the device

HOTFIXPlan replacement or retirement of the Atelmo Atemio AM 520 HD with a supported and patched receiver model

Long-term hardening

0/1

HARDENINGMonitor network logs and device behavior for signs of unauthorized command execution or unusual configuration changes

CVEs (1)

CVE-2024-9166

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/87df5d0e-a75c-4c95-ba31-a3002c6e0b4f