Sierra Wireless AirLink Raven XE Industrial 3G Gateway - Multiple Vulnerabilities Reported (UPDATE)
Date: 29 June 2016
CORRECTION: The vendor has not yet published or registered an official vulnerability report. As this vulnerability has already been published, it is provided herein for awareness and mitigation if necessary.
The purpose of this advisory is to bring attention to vulnerabilities in the Sierra Wireless AirLink Raven XE Industrial 3G Gateway.
CCIRC is aware of critical vulnerabilities in the Sierra Wireless AirLink Raven XE Industrial 3G Gateway. These vulnerabilities are remotely exploitable and could allow an attacker to gain privileged access to the device or cause other issues detailed in the reference below.
Vulnerability - Affected Version(s):
- Weak Credential Management - Raven XE HSPA, GX400
- CSRF Vulnerability – All Raven XE/XT models
- Sensitive Information Leakage – Ace Manager All Raven XE/XT models
- Unauthenticated Access – All Raven XE/XT models
Note: The Raven XE/XT devices are past end of life and will not receive firmware updates to address these issues.
CCIRC recommends that system owners enact their organization's life-cycle process for affected devices, and test/deploy replacement solutions. To aid with mitigation of the vulnerabilities, the recommendations from Sierra Wireless below should be followed.
Sierra Wireless recommends:
- Customers should change all the default passwords on equipment they purchase, especially for interfaces that are enabled on public networks. They also recommend that customers use the firewall configuration options to disable these interfaces on the cellular WAN interface.
- Port forwarding should never be enabled to unauthenticated or otherwise insecure interfaces on the LAN side of the gateway.
- The Ace Manager interface should be disabled on the cellular WAN connection.
Seclists.org – http://seclists.org/fulldisclosure/2016/Jun/60
Note to Readers
In support of Public Safety's mission to build a safe and resilient Canada, CCIRC's mandate is to help ensure the security and resilience of the vital non-federal government cyber systems that underpin Canada's national security, public safety and economic prosperity. As Canada's computer security incident response team, CCIRC is Canada's national coordination centre for the prevention and mitigation of, preparedness for, response to, and recovery from cyber incidents on non-federal government systems. It does this by providing authoritative advice and support, and coordinating information sharing and incident response.
Please note, CCIRC PGP key has recently been updated.
For general information, please contact Public Safety Canada's Public Affairs division at:
Telephone: 613-944-4875 or 1-800-830-3118
- Date modified: