Experts have uncovered significant security vulnerabilities in Advantech EKI industrial wireless access points, potentially allowing attackers to bypass authentication and execute remote code at elevated privilege levels.

Overview of Vulnerabilities

According to Nozomi Networks' latest analysis, these flaws present critical threats, enabling unauthenticated remote code execution with root permissions, which can completely undermine the security of affected devices. Advantech has responded to these issues by releasing firmware updates: version 1.6.5 for models EKI-6333AC-2G and EKI-6333AC-2GD, and version 1.2.2 for EKI-6333AC-1GPO.

Details of Critical Vulnerabilities

Out of 20 disclosed vulnerabilities, six are rated as critical: - Five are due to improper neutralization of special elements in OS commands (CVE-2024-50370 to CVE-2024-50374, CVSS score: 9.8). One involves missing authentication for a critical function (CVE-2024-50375, CVSS score: 9.8).

Cross-Site Scripting Risk

A notable vulnerability, CVE-2024-50376 (CVSS score: 7.3), could be combined with CVE-2024-50359 (CVSS score: 7.2), enabling over-the-air arbitrary code execution. This specific exploit requires an attacker to be physically near the access point, leveraging a rogue access point to alter the Wi-Fi Analyzer's embedded data without verification. If successful, arbitrary JavaScript can be executed in the administrator's browser, potentially injecting a reverse shell to grant persistent remote access.

Implications and Recommendations

The described exploits could allow attackers to assume control over compromised devices, execute arbitrary commands, and further infiltrate networks by deploying additional malicious code. Affected organizations should immediately apply the relevant firmware updates to mitigate these critical vulnerabilities and protect network integrity.

The link has been copied!