Remote Device Management Vulnerability in Sierra Wireless AirVantage Platform
CVE-2023-31279
Currently unrated
What is CVE-2023-31279?
The AirVantage platform, developed by Sierra Wireless, is susceptible to a significant security flaw that permits unauthorized attackers to register previously unregistered devices. This vulnerability arises when the owner neglects to disable the AirVantage Management Service on their devices or has not previously registered them. Exploiting this flaw enables attackers to configure and manage these devices, including executing sensitive AT commands, thereby posing a potential risk to user privacy and security. Swift action is advised to mitigate this threat, including immediate updates to affected systems.