Dozens of vulnerabilities have been discovered in the Advantech EKI devices used for industrial wireless communication, with six of them classified as critical. These vulnerabilities can be exploited by attackers to bypass authentication measures and execute code with super-user privileges, posing significant threats to data confidentiality, integrity, and availability.
According to a report by Nozomi Networks, several of these vulnerabilities present a high level of danger, including the potential for remote code execution without authentication. This could enable attackers to gain persistent access to device resources, establish a backdoor, or cause a denial of service.
The critical vulnerabilities, such as CVE-2024-50375 (CVSS: 9.8), are linked to the mishandling of special elements in operating system commands, leading to a lack of authentication for critical functions and simplifying potential attacks.
In addition, vulnerabilities like CVE-2024-50376 (cross-site scripting) and CVE-2024-50359 (OS command injection) were also identified, allowing attackers to execute arbitrary code by sending specially crafted data from a fake access point.
To exploit these vulnerabilities, attackers need physical proximity to the Advantech devices and must transmit data via a fake access point. The malicious data is then processed in the Wi-Fi Analyzer section, triggering the vulnerabilities automatically.
A significant threat lies in the potential delivery of JavaScript payloads through a fake SSID, which enables attackers to execute arbitrary code in the administrator’s browser, potentially leading to the execution of commands with root privileges and the establishment of a reverse shell for remote access.
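The SSID handling described above comes down to treating scan results as untrusted input. The following added example (not Advantech's or Nozomi Networks' code; all function names and the sample SSIDs are hypothetical and constructed) contrasts rendering an SSID into an HTML table cell as-is with an output-encoded version, and flags SSIDs that carry HTML or shell metacharacters so they can be logged.

```python
import html
import re

MAX_SSID_LEN = 32  # an 802.11 SSID is 0-32 octets of arbitrary bytes

# Characters that have meaning to an HTML parser or a POSIX shell.
_METACHARS = re.compile(r"""[<>"'`&;|$(){}\\]""")

def _decode(raw: bytes) -> str:
    """Decode SSID octets without trusting their length or encoding."""
    if len(raw) > MAX_SSID_LEN:
        raise ValueError("SSID longer than 32 octets")
    return raw.decode("utf-8", errors="replace")

def ssid_to_text(raw: bytes) -> str:
    """Printable form: non-printable characters become \\uNNNN escapes."""
    return "".join(c if c.isprintable() else f"\\u{ord(c):04x}"
                   for c in _decode(raw))

def render_row_unsafe(raw: bytes) -> str:
    """'Before' form: SSID concatenated into markup unchanged."""
    return "<td>" + _decode(raw) + "</td>"

def render_row(raw: bytes) -> str:
    """Hardened form: SSID is output-encoded for the HTML context."""
    return "<td>" + html.escape(ssid_to_text(raw), quote=True) + "</td>"

def is_suspicious(raw: bytes) -> bool:
    """Flag SSIDs with markup/shell metacharacters or control characters."""
    text = _decode(raw)
    return bool(_METACHARS.search(text)) or not all(c.isprintable() for c in text)

# Constructed sample scan results (not captured from a real device).
SAMPLE_SCAN = [
    b"PlantFloor-AP",
    b"<script>alert(1)</script>",
    b"guest;id",
    b"caf\xc3\xa9\x00net",
]

def report(scan=SAMPLE_SCAN):
    """Return (safe table cell, alert flag) for every scanned SSID."""
    return [(render_row(s), is_suspicious(s)) for s in scan]

if __name__ == "__main__":
    for cell, flagged in report():
        print(("ALERT " if flagged else "ok    ") + cell)
```

Flagging is only a detection aid; the encoding in `render_row` is what keeps the SSID from being interpreted as markup.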
Advantech has released firmware updates to address these vulnerabilities and users are urged to promptly update their devices to versions 1.6.5 or 1.2.2, depending on the specific model.