Sierra Wireless AirLink Raven XE Industrial 3G Gateway - Multiple Vulnerabilities Reported (UPDATE)

Number: AL16-014
Date: 29 June 2016

Purpose

CORRECTION: The vendor has not yet published or registered an official vulnerability report. As this vulnerability has already been published, it is provided herein for awareness and mitigation if necessary.

The purpose of this advisory is to bring attention to vulnerabilities in the Sierra Wireless AirLink Raven XE Industrial 3G Gateway.

Assessment

CCIRC is aware of critical vulnerabilities in the Sierra Wireless AirLink Raven XE Industrial 3G Gateway.  These vulnerabilities are remotely exploitable and could allow an attacker to gain privileged access to the device or cause other issues detailed in the reference below.

Vulnerability - Affected Version(s):

Note: The Raven XE/XT devices are past end of life and will not receive firmware updates to address these issues.

Suggested Action

CCIRC recommends that system owners enact their organization's life-cycle process for affected devices, and test/deploy replacement solutions.  To aid with mitigation of the vulnerabilities, the recommendations from Sierra Wireless below should be followed.

Sierra Wireless recommends:

  1. Customers should change all the default passwords on equipment they purchase, especially for interfaces that are enabled on public networks. They also recommend that customers use the firewall configuration options to disable these interfaces on the cellular WAN interface.
  2. Port forwarding should never be enabled to unauthenticated or otherwise insecure interfaces on the LAN side of the gateway.
  3. The Ace Manager interface should be disabled on the cellular WAN connection.

References

Seclists.org – http://seclists.org/fulldisclosure/2016/Jun/60

Note to Readers

In support of Public Safety's mission to build a safe and resilient Canada, CCIRC's mandate is to help ensure the security and resilience of the vital non-federal government cyber systems that underpin Canada's national security, public safety and economic prosperity. As Canada's computer security incident response team, CCIRC is Canada's national coordination centre for the prevention and mitigation of, preparedness for, response to, and recovery from cyber incidents on non-federal government systems. It does this by providing authoritative advice and support, and coordinating information sharing and incident response.

Please note, CCIRC PGP key has recently been updated.
http://www.publicsafety.gc.ca/cnt/ntnl-scrt/cbr-scrt/_fl/CCIRCPublicPGPKey.txt

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: ps.communications-communications.sp@canada.ca

Date modified: