Airlink Connection Manager security advisor
26 July 2023
News
Sierra Wireless recently received reports of malicious actors attempting to compromise Airlink Connection Manager (ACM) instances that are deployed insecurely with exposed SSH and using the default administrative credentials. Sierra Wireless security guidance for the configuration of ACM instances strongly recommends changing the administrative credentials prior to operational deployment, and limiting the exposure of SSH to secure management networks only.
As the frequency of compromise or compromise attempts appears to be increasing, Sierra Wireless strongly recommends that all customers review their ACM configuration and logs.
All versions of ACM may be vulnerable if they are deployed with SSH accessible from an insecure network such as the public Internet, and are using insecure credentials, including default, weak, or publicly known credentials. If an attacker can connect to an ACM instance and authenticate, they will gain full administrative control of the instance, allowing them to modify the configuration or access any secrets stored on the device.
Sierra Wireless recommends the following actions to secure your ACM instances:
• Ensure the administrative password, along with all other passwords, are changed from the defaults. All passwords should comply with accepted recommendations for strong passwords, such as those provided by Microsoft.
• Set external firewall rules to prevent access to SSH from insecure or untrusted networks such as the public Internet, preventing untrusted connections.
• Monitor ACM and firewall logs for unauthorised access attempts from unknown sources, and implement appropriate rules to block such attempts.
Further reading:
UFS Flash named Best in Show
EBV Electrolink
News
KIOXIA Europe GmbH was named as winner in the Memory & Storage category of the Embedded Computing Design (ECD) electronica Best in Show Awards at the recently held electronica 2024.
Read more...
Save the date for Securex South Africa 2025
News
Home to Africa’s largest collection of security solutions, Securex South Africa returns to Gallagher Convention Centre in Midrand from 3 to 5 June 2025.
Read more...
Trina Storage ranked in top 10
News
Amidst the global energy storage market, Trina Storage has once again earned recognition from authoritative institutions with its outstanding innovation capabilities and global layout.
Read more...
2025 outlook for DRAM is poor
News
According to TrendForce, weak demand outlook and rising inventory and supply forecast to pressure DRAM prices down for 2025.
Read more...
Price hike to challenge energy reforms
News
Eskom’s proposed 44% price hike could undermine renewable energy gains despite tech innovation.
Read more...
IO Ninja debugging tool
RF Design
News
Tibbo has released a major update to IO Ninja, its versatile communications debugging tool for Windows, Linux, and macOS.
Read more...
Young SA robotics team takes world title
News
In a demonstration of innovation and teamwork, Texpand, a South African youth robotics team based in Cape Town, recently made history by winning the 2024 FIRST Tech Challenge (FTC) World Championships.
Read more...
From the editor's desk: A brave new world
Technews Publishing
News
The technology Tesla currently uses in its cars from the batteries, power electronics, controllers, through to the mechanics, gearboxes, and the AI inference computer and software have are incorporated in the development of Optimus, allowing the development of the robot to gain impressive features in a relatively short time span.
Read more...
Seven Labs partnership enhances local electronics distribution
Seven Labs Technology
News
Aimed at revolutionising the electronics distribution landscape in South Africa, Seven Labs has announced a partnership with LCSC, one of China’s most reputable electronics distributors.
Read more...
From the editor's desk: How electronics is shaping modern warfare
Technews Publishing
News
From radar systems and encrypted communications to drones and cyber warfare, electronic devices have transformed the battlefield into a highly digitised and networked environment.
Read more...