A researcher has revealed that Mimosa Networks’ wireless broadband solutions have multiple severe vulnerabilities. Affected devices may be vulnerable to remote attacks as a result of the flaws.
Wireless broadband solutions from Mimosa, a part of Airspan, can be leveraged to link densely populated urban and hard-to-reach rural areas. Mimosa’s management platform (MMP), as well as its point-to-point (PTP) and point-to-multipoint (PTMP) solutions, are all compromised by seven types of vulnerabilities, according to a report released last week by the US Cybersecurity and Infrastructure Security Agency (CISA).
Four security flaws have been classified as “critical,” implying that they can be used for remote code execution, access sensitive information, or cause a denial-of-service (DoS) scenario. Two of the remaining weaknesses, which may be used to execute arbitrary code and acquire sensitive data, have been assigned a “high severity” rating. Mimosa has issued patches that should address these vulnerabilities.
Noam Moshe, a vulnerability researcher at industrial and IoT security company Claroty, was contacted after the problems were discovered. The flaws, according to Moshe, may be exploited remotely over the internet if the attacker has access to the cloud-based administration web interface. All cloud-connected devices are vulnerable to attacks because of security flaws.
The researcher explained that to acquire complete access to the cloud servers before the vulnerabilities were patched, an attacker would have had to submit specially crafted queries to the cloud servers.
He further said, “By exploiting these vulnerabilities, a remote attacker could exfiltrate sensitive data from all cloud-connected devices, including the device’s real-life locations, shared secrets and internal data of the company that owns the device. Furthermore, attackers could even achieve remote code execution on field internet-supplying devices, gaining full control of the devices and full access to any information being kept on them.”
According to CISA, Mimosa has fixed the vulnerabilities with version 1.0.4 of MMP and version 2.90 for the affected PTP and PTMP products.