Forescout Research Labs has recently published a report from a study called AMNESIA:33, which performed a security analysis of seven open-source embedded TCP/IP stacks. The study discovered 33 new vulnerabilities in four of the seven analyzed stacks. For more details see the White Paper.

Our routers use the Linux Kernel TCP/IP stack, which is not affected by the listed vulnerabilities. Should you have more questions, please contact your Regional Support.

We released a user module with NetFlow/IPFIX probe and collector. The module captures a source and a destination IP address of each observed network communication and the amount of data exchanged. This can be used by network monitors such as PRTG to identify unusual traffic flows caused by misconfigurations, security incidents or policy violations.

Detailed description of the module configuration and operation can be found in the NetFlow/IPFIX Application Note.

The User Modules can be downloaded here.

Our cellular routers are not affected by the Ripple20 vulnerabilities discovered in a TCP/IP software library of many IoT devices.

Our cellular routers are not affected by the Kr00k vulnerability because the hardware is not based on Broadcom or Cypress Wi-Fi chips.

Our cellular routers are not affected by the „Cable Haunt“ vulnerability, which was recently discovered in Broadcom-based cable modems across multiple vendors.

This security advisory is a reaction on the recently discovered network vulnerabilities in Linux kernel (see below on particular names and links).

These vulnerabilities can, under certain circumstances, be used by an attacker against a range of our routers running current firmware (6.1.9) with the potential result of the router rebooting.

We have already prepared a patch which closes the vulnerabilities. The patch will be included in future firmware versions (6.1.10, 6.2.0) when these are released.

Until the new firmware versions are available, you may apply any of the recommended workaround. The easiest ...

This article main topic is about v2 factory settings and default use case, also discussing a few LAN attacks on high-level.

When you get a cellular router from Advantech CZ, the default settings fall into one of the three cases:

1. Router is pre-configured exactly to your needs.
2. V2 router - with default v2 router generation configuration.
3. V3 router - with default v3 generation configuration.

As for the first possibility - router pre-configured exactly to your needs: as described in the first article, there are several ways how ...

A very important topic to cover in this article series is something we call security model of the router.

Before getting to that, let's look at the user model. There are a few user models being used in the operating systems based on Linux. Please note that this definition is something to make our security model more understandable and help with further understanding of the securing process, it is not a formal definition as used in information science.

You are about to read the first article in the series of articles about securing our routers. The series is tailored to our router devices, teaching and showing some general and specific principles and also describing possibilities and use cases. While some of the knowledge here is usable also outside of the router devices, you should keep in mind that we are focusing on our cellular routers running Conel OS 6.x here.

This first article is a basic building block. We are going to describe the device and its basic characteristics and possibilities of accessing the device with an accent on security. Also, some basic use cases are to be touched here and the terminology used for the rest of the series established.

Some time ago there has been questions about impact of IoTroop/Reaper Malware on our devices. A week ago there has been another inquiry. As it seems to be an (unexpected) pattern, this short information announcement is given to public.