5 December 2024

Japan’s CERT warns of zero-day vulnerabilities in I-O data routers


Japan’s CERT warns of zero-day vulnerabilities in I-O data routers

Japan’s Computer Emergency Response Team (CERT) has issued a security advisory warning about ongoing exploitation of zero-day vulnerabilities in I-O Data’s UD-LT1 and UD-LT1/EX LTE routers widely used across Japan.

The three flaws (CVE-2024-45841, CVE-2024-47133, CVE-2024-52564) are information disclosure, remote arbitrary OS command execution, and the ability to disable firewalls. If exploited, the flaws allow attackers to alter device settings, execute arbitrary commands, and disable the firewall. The vendor confirmed that some users have already reported exploitation of these flaws in real-world attacks.

The company has released firmware version v2.1.9, which addresses only CVE-2024-52564. Fixes for the remaining vulnerabilities (CVE-2024-45841 and CVE-2024-47133) are expected in firmware version v2.2.0, scheduled for release on December 18, 2024. Until then, users are advised to implement the following mitigations:

  • Disable Remote Management: Turn off this feature for all internet connection methods, including WAN Port, Modem, and VPN settings.

  • Restrict Access: Allow access only from VPN-connected networks to block unauthorized external connections.

  • Strengthen Passwords: Change the default "guest" user password to a complex one with at least 10 characters.

  • Monitor Device Settings: Regularly check for unauthorized changes and reset devices to factory defaults if suspicious activity is detected.

Back to the list

Latest Posts

Cybersecurity Week in Review: January 24, 2025

Cybersecurity Week in Review: January 24, 2025

In brief: SonicWall SMA zero-day exploited in attacks, hackers are exploiting older Ivanti flaws, and more.
24 January 2025
AIRASHI DDoS botnet exploits a zero-day vulnerability in cnPilot routers

AIRASHI DDoS botnet exploits a zero-day vulnerability in cnPilot routers

The attacks have been active since June 2024.
23 January 2025
SonicWall SMA zero-day exploited in attacks

SonicWall SMA zero-day exploited in attacks

SonicWall has released a patch in version 12.4.3-02854 and higher versions to address the issue.
23 January 2025