21 Security Flaws Found to Affect Over 86,000 Sierra AirLink Routers

Home/BOTNET, Compromised, Evilproxy, Exploitation, Internet Security, IOC's, malicious cyber actors, Security Advisory, Security Update, vulnerability/21 Security Flaws Found to Affect Over 86,000 Sierra AirLink Routers

21 Security Flaws Found to Affect Over 86,000 Sierra AirLink Routers

Researchers Uncover 21 New Sierra Vulnerabilities Affecting Over 86,000 Exposed Online Devices.

Sierra AirLink Routers

Users of Sierra AirLink routers face potential threats, including remote code execution, unauthorized access, cross-site scripting, authentication bypass, and denial-of-service attacks.

The affected routers are used by government organizations, police units, energy, transportation, manufacturing, healthcare sector, etc. So, the attackers getting a foothold into those networks could lead to disrupting various critical services.

What are the riskiest Sierra vulnerabilities?

The severity scores of the identified flaws range from medium to critical. The ones posing the highest risk, and which you should be particularly mindful of, are:

  • CVE-2023-41101 – enables Remote Code Execution in OpenNDS – severity score: 9.6, critical
  • CVE-2023-38316 – enables Remote Code Execution in OpenNDS – severity score: 8.8, high
  • CVE-2023-40463 – permits the attacker to get unauthorized access in ALEOS – severity score: 8.1, high
  • CVE-2023-40464 – permits gaining unauthorized access in ALEOS – severity score: 8.1, high
  • CVE-2023-40461– leads to Cross Site Scripting in ACEmanager – severity score: 8.1, high
  • CVE-2023-40458 – causes Denial of Service in ACEmanager – severity score: 7.5, high
  • CVE-2023-40459 – causes Denial of Service in ACEmanager – severity score: 7.5, high
  • CVE-2023-40462 – causes Denial of Service in ACEmanager related to TinyXML – severity score: 7.5, high
  • CVE-2023-40460 – enables Cross Site Scripting in ACEmanager – severity score: 7.1, high

Prevention measures


Security experts recommend that System Administrators upgrade devices to ALEOS (AirLink Embedded Operating System) version 4.17.0 or proceed with an upgrade to ALEOS 4.9.9, followed by the application of version 10.1.3 for OpenNDS.

Researchers caution that there is no available patch for CVE-2023-40462, which affects TinyXML, as the software is outdated and currently lacks patching options.

Network security experts also advise:

  1. Changing default SSL certificates in Sierra Wireless routers.
  2. Disabling or restricting non-essential services such as captive portals, Telnet, and SSH.
  3. Implementing a firewall to safeguard OT/IoT routers.
  4. Installing an OT/IoT-aware IDS to monitor inbound and outbound traffic.

‍Follow Us on: Twitter, InstagramFacebook to get the latest security news!

Post Views: 260
By | 2023-12-11T23:30:33+05:30 December 11th, 2023|BOTNET, Compromised, Evilproxy, Exploitation, Internet Security, IOC's, malicious cyber actors, Security Advisory, Security Update, vulnerability|

About the Author:

FirstHackersNews- Identifies Security

Related Posts

Leave A Comment

Subscribe to our newsletter to receive security tips everday!