ConnectedIO’s 3G/4G Routers Vulnerability Let Hackers Execute Malicious Code. Critical issues in ConnectedIO’s ER2000 edge routers have been discovered. An attacker can compromise the cloud infrastructure, execute malicious code, and expose user and device data. Flaws have been fixed by Team82. The vulnerabilities impact the ConnectedIO platform and the MQTT communication protocol. Hard-coded authentication credentials can be exploited to gain access to router passwords, SSIDs, and device identifiers. IMEI information can be used to impersonate devices and force them to execute commands. Firmware upgrades have been issued to address the vulnerabilities. Patch Manager Plus can be used to patch vulnerabilities in third-party applications. #CyberSecurity #Vulnerability #RouterSecurity #CloudSecurity #DataBreach.
https://cybersecuritynews.com/connectedios-3g-4g-routers-vulnerability/