On Wednesday, IBM revealed the vulnerability, CVE-2020-15858, which it found last September in Thales' Cinterion EHS8 M2M modules. The flaw is also in related products, including
the BGS5, EHS5/6/8, PDS5/6/8, ELS61, ELS81 and PLS62 modules. "This vulnerability could enable attackers to compromise millions of devices and access the networks or VPNs supporting those devices by pivoting onto the provider's backend network," researchers
write. "In turn, intellectual property, credentials, passwords and encryption keys could all be readily available to an attacker".
Learn more >