sierra wireless raven

16 May 2017

[ICS] Sierra Wireless Raven XE & XT ICS-CERT advisory published

Back in 2016, I released a report on multiple vulnerabilities in Sierra Wireless Raven XE & XT appliances:

https://ipositivesecurity.com/2016/06/25/ics-sierra-wireless-airlink-raven-xe-industrial-3g-gateway-multiple-vulnerabilities/

In response to it, ICS-CERT had posted an alert here:
https://ipositivesecurity.com/2016/07/01/ics-ics-alert-16-182-01-published-sierra-wireless-raven-xe-xt-vulnerabilities/

After almost an year, Sierra Wireless has resolved this report now, and a formal ICS-CERT advisory has been published:
https://ics-cert.us-cert.gov/advisories/ICSA-17-115-02

CVE-IDs
CVE-2017-6042
CVE-2017-6044
CVE-2017-6046

Read on for more details.

Read more

01 Jul 2016

[ICS] ICS-ALERT-16-182-01 published – Sierra Wireless Raven XE & XT vulnerabilities

Couple of days back, I posted multiple vulnerabilities in Sierra Wireless Raven XE & XT devices on Full Disclosure list, and here:
http://ipositivesecurity.com/2016/06/25/ics-sierra-wireless-airlink-raven-xe-industrial-3g-gateway-multiple-vulnerabilities/

ICS-CERT team confirmed yesterday they have released an alert on this report as well now:
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-16-182-01

Read on

Read more

25 Jun 2016

[ICS] Sierra Wireless AirLink Raven XE Industrial 3G Gateway – Multiple Vulnerabilities

[ICS] Multiple vulnerabilities in Sierra Wireless AirLink Raven XE Industrial 3G Gateway About http://www.sierrawireless.com/products-and-solutions/gateway-solutions/raven-series/ The Sierra Wireless Raven XE and XT wireless gateways are used in the following industries and applications: utilities, manufacturing, automation, oil and gas, Ethernet-based SCADA, and telemetry. Read on

Read more