top of page

TELTONIKA NETWORKING DEVICES

Saugumo Centras

Bet kuris prie Interneto prijungtas įrenginys gali tapti kibernetinių atakų taikiniu. Čia pateikiame visą informaciją apie bet kokią egzistuojančią ar potencialią saugumo spragą, kuri yra susijusi su mūsų įrenginiais.

Three denial-of-service vulnerabilities in third-party chipsets affecting our 5G devices

24-01-15

The following three denial-of-service 5G vulnerabilities were found in third-party chipsets, which our RUTX50, RUTM50, and TRB500 contain:

  1. CVE-2023-33042

  2. CVE-2023-33043

  3. CVE-2023-33044

These affect device availability but not integrity or confidentiality. As they stem from a third-party vendor, Teltonika Networks does not currently have patched firmware or workaround available. For more information, read this article.

Firmware vulnerability in TRB1-series devices

24-01-09

This vulnerability can only be exploited through LAN access via Ethernet or USB interfaces and does not affect devices remotely via mobile networks. It affects the TRB140, TRB141, TRB142, TRB143, and TRB145 industrial gateways across all firmware versions before TRB1_R_00.07.05.2 and was remediated with version TRB1_R_00.07.05.2. For more information, read this article.

RMS and RutOS Vulnerabilities from CISA Advisory ICSA-23-131-08

23-05-24

8 vulnerabilities were recently remediated from the RMS platform and RutOS firmware:

  • 6 RMS vulnerabilities were remediated with version 4.10.0 (2023-03-22) and 4.14.0 (2023-04-26): CVE-2023-32346, CVE-2023-32347, CVE-2023-32348, CVE-2023-2587, CVE-2023-2588, CVE-2023-2586

  • 2 RutOS vulnerabilities were remediated with version 7.03 (2022-12-16) and 7.03.4 (2023-02-09): CVE-2023-32349, CVE-2023-32350

Recommendation: Medusa Botnet - a threat to Linux based devices

23-02-07

  • Medusa Botnet infects devices via bruteforce attacks, and our devices are fitted with bruteforce prevention mechanisms to block attackers after 10 incorrect attempts which is enabled by default.

  • To further enhance your resistance to Medusa, you may also change the default ports for SSH and Telnet services, which Medusa cannot identify.

Title

Description

Title and description

  • 3 puslapis

NEWS & ARTICLES

See all news

the-rutx50-5g-router-now-red-certified-article-banner-840xAuto.jpg

2025-06-11 08:55

The RUTX50 5G router – now RED-certified

711530-5g-security-840xAuto.jpg

2024-08-22 13:00

Vulnerability Fix to “5Ghoul” Affecting Teltonika 5G Devices

rms-security-banner-840xAuto.jpg

2024-03-06 15:00

Security Overview of Our Remote Management System

Secure Software Development Lifecycle

Ensuring the security of our products and services is a top priority at Teltonika. They are designed, developed, and rigorously tested with security and privacy in mind throughout the software development lifecycle of each release.

In addition to performing vulnerability management, reviewing vulnerability reports, routine monitoring of new vulnerabilities, and handling vulnerability remediation, Teltonika’s core Secure Software Development Lifecycle (SSDL) consists of the following phases:

Training

As a pre-requirement of this lifecycle, Teltonika’s security team drafts training materials and developer test on a yearly basis.

Requirements

Baseline security and privacy requirements for the upcoming release are drafted and communicated internally.

Design

Software design reviews are conducted with the goals of understanding the upcoming release, drafting.

Implementation

Static code scanning tools are maintained and code is reviewed.

Verification

Comprehensive fuzzing, penetration, and final security tests are performed.

Release

Documents are finalised, archived, and taken into account for the following cycle.

Everything begins with security.

"In an ever-increasing complexity of globally connected digital devices, ensuring cybersecurity is no longer an optional task. The first step should always be keeping your devices up-to date."

fixed-aspect-ratio-spacer-variants.webp
bottom of page