The researchers from IBM X-Force Red security have found a bug in modules made by the manufacturer Thales. These components are a part of millions of connected IoT devices. The IoT vulnerability can be remotely exploited, allowing a hacker to take control of the device or access the enterprise network.
The Cinterion EHS8 M2M modules by Thales are built for industrial IoT machines that operate in factories, healthcare, and energy sector, and are designed to create secure communication channels over 3G and 4G networks.
Cybercriminals that will be able to break in using IBM’s method could “potentially control a device or gain access to the central control network to conduct widespread attacks – even remotely via 3G in some cases.”