IBM’s team of hackers “X-Force Red” has found a vulnerability in the Cinterion module running on Java code used in millions of the Internet of Things (IoT) devices that can be exploited remotely.
The Cinterion module is manufactured by a French company, Thales. WHile the latter had issued a patch in February 2020, X-Force Red has been working with Thales to ensure that users are aware of patches.
The vulnerability can allow hackers to steal sensitive information and gain access to control networks.
Researchers say that it will take some time for many manufacturers to apply patches to their IoT devices. X-Force Red found a way to bypass security checks that keep data or operations code hidden from an unauthorized user. The vulnerability could allow hackers to access confidential data stored by modules such as login credentials, IP, and encryption keys.
For more, click here.