Horizon Alert
Summary of the vulnerability and why it matters
This critical vulnerability in Siklu Etherhaul devices allows unauthenticated attackers to execute arbitrary commands by exploiting hardcoded encryption keys. While this specific issue appears to be a repeat of a previous vulnerability, its presence on network infrastructure devices poses a significant risk of unauthorized access and control over network operations. The primary concern is confirming whether these devices are in use and exposed.
- Insecure encryption keys allow unauthenticated command execution.
- Critical infrastructure devices are at risk of compromise.
- Confirm exposure and relevance for network security.
Attack Path
How an attacker could exploit the issue
An attacker can reach the vulnerable service on Siklu devices by sending specially crafted network packets. Because the service uses hardcoded, identical encryption keys across all devices, an attacker can forge encrypted packets that the device will accept. These packets can then be used to execute arbitrary commands on the device, leading to a complete compromise.
- Network exposure required.
- Static, hardcoded encryption keys.
- Arbitrary command execution.
Live Threat
Current exploitation, exposure, and threat context
The `rfpiped` service on Siklu Etherhaul devices, which handles network traffic, uses hardcoded, identical AES encryption keys. This flaw allows any attacker on the network to craft malicious packets to execute commands on the device without needing any credentials. This could impact the confidentiality, integrity, and availability of the affected network equipment.
- Network command execution.
- Crafted packets exploit weak encryption.
- Device compromise and control.
Operational Fix
Recommended remediation, mitigation, and detection steps
Given that the affected technology consists of network devices (Siklu Etherhaul) and a service listening on a network port, the infrastructure team or network/security team is likely responsible for managing these devices. The first practical step is to inventory all deployed Etherhaul devices, confirm their network exposure and criticality, identify the business owner of each device, and then prioritize remediation efforts.
- Identify and catalog all affected devices.
- Verify network reachability and criticality.
- Coordinate with vendor for firmware updates.