Exposing Critical Threats in Cellular Modem Security - Telit Vulnerabilities Analysis
Hack In The Box Security Conference via YouTube
Overview
Explore a detailed security conference presentation from HITB 2024 Bangkok that uncovers critical vulnerabilities in Telit cellular modems. Dive into the researchers' discovery of multiple security flaws, including remote code execution vulnerabilities, that affect millions of connected devices. Learn about the exploitation of MIDlet applications, bypass techniques for digital signatures, and privilege escalation methods that compromise modem security. Follow the technical analysis of heap overflow vulnerabilities in AT command and SUPL message handlers, which enable remote code execution through SMS messages. Understand the innovative SMS-based File System implementation that demonstrates remote modem compromise and persistent malicious MIDlet installation. Gain insights from security researchers Sergey Anufrienko and Alexander Kozlov as they present the first comprehensive security analysis of Telit modems, establishing a foundation for future research in cellular modem security.
Syllabus
#HITB2024BKK D2 - Exposing Critical Threats in Millions of Connected Devices
Taught by
Hack In The Box Security Conference