CISA reports critical flaws in TEM Opera Plus FM Family transmitter
Take action: If you operate TEM S.r.l. Opera Plus FM Family Transmitters, isolate them from the internet and from business networks, and allow management access only from a trusted network. They have critical flaws and no patches are available.
CISA reports that the Telecomunicazioni Elettro Milano (TEM) S.r.l. Opera Plus FM Family Transmitter contains multiple vulnerabilities, including a Missing Authentication for Critical Function and a Cross-Site Request Forgery (CSRF). Successful exploitation could allow an attacker to execute arbitrary code remotely, leading to full compromise of the transmitter.
Vulnerability details
- CVE-2024-41988 (CVSS score 9.3) - Missing Authentication for Critical Function - the transmitter exposes an endpoint that requires no authentication and lets anyone who can reach it upload files to the MPFS file system. Because that file system image is written to the flash memory holding critical functions such as the web server and the SNMP module, an attacker can overwrite them and achieve remote code execution. Any host with network access to the management interface is enough; no credentials are involved.
- CVE-2024-41987 (CVSS score 8.6) - Cross-Site Request Forgery (CSRF) - the web interface does not verify that state-changing requests originate from its own pages, so an attacker can trick an authenticated user into performing actions on the transmitter via maliciously crafted HTTP requests. If an administrator visits a malicious site while logged in, the browser attaches the existing session to the forged request and the attacker gains administrative control.
Affected Product - Opera Plus FM Family Transmitter: Version 35.45.
A proof-of-concept exploit has been published, which makes these flaws easier for attackers to weaponize.
TEM has not yet collaborated with CISA to provide a patch or mitigation. CISA recommends the following defensive measures:
- Minimize network exposure for all control system devices and ensure the transmitter is not reachable from the internet.
- Place the transmitter behind a firewall, isolated from business networks.
- When remote access is required, use a VPN kept at its current version, recognizing that a VPN is only as secure as the devices connected to it.
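The following nftables ruleset is an added example of what the isolation advice above looks like on a firewall that sits between the transmitter's segment and everything else. It is not from CISA or TEM; the addresses, interface names and the assumption that the unit is managed over HTTP (tcp/80) and SNMP (udp/161) are illustrative and must be adapted to the real deployment. The permissive chain is shown commented out for contrast with the restrictive one.

```nftables
# Added example (not CISA's or TEM's configuration). Assumptions:
#   eth_tx  - interface facing the transmitter segment; transmitter at 10.20.30.5
#   eth_lan - interface facing the business network and internet uplink
#   10.10.0.0/24 - trusted management subnet (e.g. VPN-terminated admin hosts)
#   Management ports: tcp/80 (web UI) and udp/161 (SNMP); adjust to your unit.

flush ruleset

table inet opera_plus_isolation {

    # Hosts allowed to reach the transmitter's management interface.
    set trusted_mgmt {
        type ipv4_addr
        flags interval
        elements = { 10.10.0.0/24 }
    }

    # --- WEAK: what "reachable from the business network" looks like ---
    # An accept-all forward policy lets any host that can route to 10.20.30.5,
    # including a phished workstation, hit the unauthenticated upload endpoint.
    # Shown for contrast only; do not load it.
    #
    # chain forward {
    #     type filter hook forward priority filter; policy accept;
    # }

    # --- HARDENED: default deny, management only from the trusted subnet ---
    chain forward {
        type filter hook forward priority filter; policy drop;

        # Replies to sessions that were allowed below.
        ct state established,related accept

        # Only trusted management hosts may open HTTP/SNMP to the transmitter.
        iifname "eth_lan" oifname "eth_tx" ip saddr @trusted_mgmt ip daddr 10.20.30.5 tcp dport 80 accept
        iifname "eth_lan" oifname "eth_tx" ip saddr @trusted_mgmt ip daddr 10.20.30.5 udp dport 161 accept

        # The transmitter never initiates connections outward: no internet, no
        # business LAN. Code that lands on the device gets no egress path.
        iifname "eth_tx" log prefix "opera-plus-egress-blocked " drop

        # Everything else aimed at the transmitter segment is logged and dropped;
        # the log line doubles as a detection signal for scanning attempts.
        oifname "eth_tx" log prefix "opera-plus-ingress-blocked " drop
    }
}
```

Load it with `nft -f` and confirm with `nft list ruleset`; then verify from a host outside 10.10.0.0/24 that tcp/80 and udp/161 on the transmitter do not answer. Note what this does not cover: the CSRF flaw is triggered from the browser of an administrator who is already on the trusted subnet and logged in, so the firewall does nothing against it. Until a fix exists, manage the transmitter from a dedicated host or browser profile that is used for nothing else, and log out of the interface as soon as the work is done.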