Advertisement
 

Sierra Wireless Malware Threat Technical Announcement

User Rating: / 0
PoorBest 
Tuesday, 05 September 2017

Sierra Wireless Malware Threat Technical Announcement

Updated 09/12/2017

To date, we have only seen evidence of the malware affecting GX400 and GX440 gateways using
default user or viewer passwords. However, we encourage all customers to follow the
recommendations in this bulletin as best practice for all AirLink Gateways.

Original Article

Sierra Wireless has released a technical bulletin to share with all customers regarding a new malware targeting Sierra Wireless products. Please see the information posted below.

Products: AirLink® Gateways running ALEOS 4.5.2 or older

Date of issue: 4 September 2017

The Sierra Wireless security team has discovered a new malware threat targeting gateways running ALEOS 4.5.2 or older that are directly reachable from the public internet and not on a private network. We take such threats seriously and are actively working with law enforcement, network operators and affected customers to conclusively determine the source of the malware and assist in remediation of affected gateways.

To date, we have only received reports of LS300, GX400 and GX440 gateways being affected. However, we advise all customers running ALEOS 4.5.2 or older on any devices to immediately follow the recommended actions below.

Furthermore, in some deployments compromised gateways will no longer be able to boot and will display a solid green power LED. Customers observing this behavior are advised to contact their authorized AirLink reseller and/or their Sierra Wireless sales or technical representative for assistance. Alternatively, customers can contact Sierra Wireless technical support at https://www.sierrawireless.com/company/contact-us/

Recommended Actions

To reduce your exposure to online security threats, Sierra Wireless recommends that all customers immediately perform the following three actions:

1. Ensure that strong, unique passwords are used for both the user and viewer accounts on the gateway:
a. In ACEmanager or ALMS, navigate to Admin > Change Password
b. Set a strong, unique password for both the user and viewer accounts.
Sierra Wireless Technical Bulletin: Malware Threat
2. Disable remote access to ACEmanager if it is not required:
a. In ACEmanager or ALMS, navigate to Services > ACEmanager
b. Set ACEmanager Access – OTA to OFF
3. Ensure you are running to most recent available firmware for your gateway. The following table details the most current firmware for all AirLink® Products:

LS300 4.4.4.p05

GX400 4.4.4.p05

EX/ES400 4.4.4.p05

GX/ES450 4.8.1

RV50 4.8.1

MP70 4.8.1

Configuration changes and firmware updates can be performed on individual gateways using ACEmanager or on multiple gateways at the same time using AirLink Management Service (ALMS). ALMS is free for customers with up to 15 gateways. For more information please visit http://airvantage.net.

Further Information

For further information and technical support, please contact your authorized AirLink reseller or Sierra Wireless representative. To contact Sierra Wireless, please visit https://www.sierrawireless.com/company/contact-us/




Last Updated ( Tuesday, 12 September 2017 )
 
< Prev   Next >

EVDO News, Tips, Products, Reviews, Verizon and Sprint Experts.
Welcome to the #1 source for EVDO Information. Search our EVDO forums, read our EVDO Blogs, check EVDO coverage and when ready, buy your EVDO products from us, your EVDO Experts. Call us @ 1-866-3GSTORE.
 
The image “http://www.evdoinfo.com/images/stories/evdo_easy_button.jpg” cannot be displayed, because it contains errors.
 

CrawlTrack: free crawlers and spiders tracking script for webmaster- SEO script -script gratuit de dÔøΩtection des robots pour webmaster