Vulnerability Alert: Sierra Wireless AirLink Gateways

Cybersecurity Alert

Sierra Wireless issued a security bulletin which indicates that these gateways are vulnerable to IoTroop/Reaper malware.  Among other things this malware is known to steal user passwords and contact a command and control server in order to participate in a Distributed Denial of Service (DDoS) attack.  These DDoS attacks expose gateway users to significant and unexpected data charges.

Applicable Products 

The following products are potentially vulnerable: 

LS300, GX400, GX/ES440 with firmware version ALEOS 4.4.4 or older

GX/ES450, RV50, RV50X, MP70, MP70E with firmware version ALEOS 4.8.1 or older

Action required 

A firmware upgrade is required in order to eliminate this vulnerability.   

Request firmware update assistance. 

Read Tech Bulletin from Sierra Wireless 

Ray Cowell