The mobile operator EE is selling 4G-based wireless 4GEE Mini modems that are affected by a high-severity vulnerability; the flaw, if exploited, allows hackers to run a malicious program on a targeted computer with the highest level of privileges in the system.
Once the EE Mini modem is connected via USB it can be exploited by a low privileged user account to escalate privileges on any Windows computer. This action will allow a hacker to gain full system access to the targeted remote computer and thereby, perform any malicious actions, such as installing malware, rootkits, keylogger, or stealing personal information.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
The 4G Mini WiFi modem is manufactured by Alcatel and sold by EE, a mobile operator owned by BT Group— Britain’s largest digital communications company that serves over 31 million connections across its mobile, fixed and wholesale networks.
The flaw, is known as CVE-2018-14327, and it lays in the driver files installed by EE 4G Mini WiFi modem on a Windows system and originates because of folder permissions, allowing any low privileged user to “read, write, execute, create, delete do anything inside that folder and it’s subfolders.”
For a successful attack to happen all the hacker needs to do is replace “ServiceManager.exe” file from the driver folder with a malicious file to trick the vulnerable driver into executing it with higher SYSTEM privileges after reboot.
If you don’t wanna be affected by this cybersecurity flaw you have to patch your 4G Wi-Fi Mini modems; you are advised to update the firmware modem to the latest “EE40_00_02.00_45” version and remove previous vulnerable versions.
• Go to your router’s default gateway: http://192.168.1.1.
• Click on the “Check for Update” to update your firmware.
• Once updated to the patched software version EE40_00_02.00_45, remove the previously installed software version from your computer.
We will continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.