Japan’s CERT Issues Warning on Zero-Day Vulnerabilities in IO-Data Routers
December 4, 2024
The Japanese Computer Emergency Response Team (CERT) has raised the alarm about hackers taking advantage of zero-day vulnerabilities in IO-Data router devices. These vulnerabilities allow attackers to alter device settings, execute commands, or even disable the firewall. The manufacturer, IO-Data, has acknowledged these flaws in a security bulletin published on its website. However, patches for these vulnerabilities are not expected to be available until December 18, 2024, leaving users potentially exposed to threats until then unless they enable specific mitigations.
The three vulnerabilities, which were identified on November 13, 2024, are information disclosure, remote arbitrary OS command execution, and the ability to disable firewalls. They affect UD-LT1, a hybrid LTE router designed for versatile connectivity solutions, as well as its industrial-grade version, UD-LT1/EX. The most recent firmware version, v2.1.9, addresses only one of these vulnerabilities, CVE-2024-52564. IO-Data has stated that patches for the remaining two vulnerabilities will be included in the upcoming firmware version, v2.2.0, which is set for release on December 18, 2024.
As confirmed by the manufacturer in its security bulletin, these flaws have already been exploited in attacks. The bulletin reads, "Recently, we received inquiries from customers using our hybrid LTE routers 'UD-LT1' and 'UD-LT1/EX', where access to the configuration interface was allowed from the internet without VPN. These customers reported potential unauthorized access from external sources."
Until the security patches are available, IO-Data recommends that users implement certain mitigation measures. These measures are not specified in the summary.
The IO-DATA UD-LT1 and UD-LT1/EX LTE routers are primarily sold in Japan, designed to support multiple carriers such as NTT Docomo and KDDI, and are compatible with major MVNO SIM cards in the country.