The Download
Three critical zero-day vulnerabilities in I-O Data routers pose significant security threats, allowing attackers to execute dangerous remote attacks. The most severe vulnerability (CVE-2024-52564, CVSS 7.5) enables malicious actors to completely disable router firewalls, execute arbitrary OS commands, and modify device configurations. Vulnerabilities (CVE-2024-45841 and CVE-2024-47133) with CVSS scores ranging from 6.5 to 7.2 potentially allow unauthorized access to authentication information, permit administrator-level command execution, and create substantial network exposure risks that could compromise entire network infrastructures.
What You Can Do
I-O Data warned that patches will not be available for a few weeks. However, JPCERT also warned that attacks exploiting these vulnerabilities have also been observed in the wild. IT administrators should immediately implement a multi-layered mitigation strategy. First, check device firmware and apply the available update (version 2.1.9), which partially addresses the issues.
For vulnerabilities without current patches (CVE-2024-45841 and CVE-2024-47133), implement strict access controls, monitor guest and administrator account activities, and consider temporarily isolating affected routers from critical network segments. Additionally, administrators should watch for updates from I-O Data expected by December 18, 2024, and maintain heightened vigilance for potential exploitation attempts.
Monitor your network attack surfaces with ThreatMate. Sign up for a demo now.
To Learn More: