PatchSiren cyber security CVE debrief
CVE-2024-9166 Atelmo CVE debrief
CVE-2024-9166 is a critical vulnerability in the Atelmo Atemio AM 520 HD Full HD Satellite Receiver that enables unauthenticated remote attackers to execute arbitrary system commands with root privileges. The vulnerability exists in the device's web interface through the 'getcommand' query parameter, which lacks proper authorization controls and input validation. With a CVSS 3.1 score of 9.8 (Critical), this vulnerability poses severe risk due to its network attack vector, low attack complexity, and no required privileges or user interaction. The affected product is the Atelmo Atemio AM 520 HD running firmware version TitanNit_2.01 or earlier. Atelmo has discontinued this product and no longer provides support or security updates, leaving affected devices permanently vulnerable. Organizations using this device should immediately implement network segmentation, remove the device from internet-facing networks, and plan for replacement with supported alternatives.
- Vendor: Atelmo
- Product: Atemio AM 520 HD
- CVSS: CRITICAL 9.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-09-26
- Original CVE updated: 2024-09-26
- Advisory published: 2024-09-26
- Advisory updated: 2024-09-26
Who should care
Organizations operating Atelmo Atemio AM 520 HD satellite receivers in broadcast, hospitality, residential, or enterprise environments; critical infrastructure operators using satellite reception equipment; managed service providers maintaining satellite TV installations; security teams responsible for OT/IoT device security; and procurement teams evaluating end-of-life equipment risks.
Technical summary
The Atelmo Atemio AM 520 HD satellite receiver contains a critical unauthenticated command injection vulnerability in its web management interface. The 'getcommand' query parameter accepts arbitrary system commands and executes them with root privileges without requiring authentication. This allows remote attackers to gain complete control over affected devices. The vulnerability affects firmware version TitanNit_2.01 and earlier. The vendor has discontinued this product, leaving no patch available.
Defensive priority
critical
Recommended defensive actions
- Immediately isolate affected Atemio AM 520 HD devices from internet-facing networks and untrusted network segments
- Implement strict network segmentation to limit device exposure to authorized administrative hosts only
- Plan for immediate replacement of affected devices with actively supported alternatives, as the vendor has discontinued this product and provides no security updates
- Monitor network traffic for suspicious requests containing 'getcommand' parameters directed at affected devices
- Review and restrict administrative access to satellite receiver management interfaces using firewall rules and access control lists
- Conduct asset inventory to identify all deployed Atelmo Atemio AM 520 HD devices within your environment
- Document and communicate end-of-life status of this equipment to procurement and operational technology teams
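The monitoring action above can be scripted against proxy or network-sensor logs. The following is an added example, not code from the advisory or from PatchSiren: it scans constructed sample log lines (the line format, the `/query` path and all addresses are assumptions; only the `getcommand` parameter name comes from the advisory) and flags requests carrying that parameter toward inventoried receiver addresses, including percent-encoded or mixed-case spellings of the parameter name.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines from a hypothetical HTTP proxy/sensor log. Assumed format:
# "<timestamp> <src_ip> -> <dst_ip>:<port> \"<METHOD> <target> <version>\" <status>".
# Only the parameter name 'getcommand' comes from the advisory; hosts and paths are placeholders.
SAMPLE_LOGS = [
    '2024-09-26T10:15:02Z 10.0.5.12 -> 192.0.2.20:80 "GET /index.html HTTP/1.1" 200',
    '2024-09-26T10:15:09Z 198.51.100.7 -> 192.0.2.20:80 "GET /query?getcommand=placeholder HTTP/1.1" 200',
    '2024-09-26T10:15:11Z 198.51.100.7 -> 192.0.2.20:80 "GET /query?GetCommand=placeholder HTTP/1.1" 200',
    '2024-09-26T10:15:20Z 10.0.5.12 -> 192.0.2.20:80 "POST /query?%67etcommand=placeholder HTTP/1.1" 200',
    '2024-09-26T10:16:01Z 198.51.100.7 -> 192.0.2.30:80 "GET /query?getcommand=placeholder HTTP/1.1" 404',
    '2024-09-26T10:16:30Z 10.0.5.40 -> 192.0.2.20:80 "GET /status?getcmd=1 HTTP/1.1" 200',
]

LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<src>\S+) -> (?P<dst>[^:]+):(?P<port>\d+) '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})$'
)


def has_getcommand_param(target):
    """True if the request target carries a 'getcommand' query parameter.

    parse_qs percent-decodes key names, so an encoded spelling such as
    %67etcommand still matches; the comparison is case-insensitive. Double
    encoding is not unwrapped here, so feed in the decoded URI if your sensor
    already exposes one.
    """
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    return any(key.lower() == "getcommand" for key in params)


def find_getcommand_requests(lines, receiver_ips):
    """Return (timestamp, src, dst, status) for every request to an inventoried
    AM 520 HD management address that carries the getcommand parameter."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["dst"] not in receiver_ips:
            continue
        if has_getcommand_param(m["target"]):
            hits.append((m["ts"], m["src"], m["dst"], int(m["status"])))
    return hits


if __name__ == "__main__":
    # The receiver address set would normally come from the asset inventory (constructed here).
    for hit in find_getcommand_requests(SAMPLE_LOGS, {"192.0.2.20"}):
        print("ALERT getcommand request:", hit)
```

Any hit is worth investigating regardless of the HTTP status, since the advisory states the parameter is reachable without authentication.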
Evidence notes
Vulnerability details sourced from CISA ICS Advisory ICSA-24-270-03 published 2024-09-26. CVSS 3.1 vector confirmed as AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. Affected product version confirmed as <=TitanNit_2.01. Vendor discontinuation status confirmed in advisory remediation section.
Official resources
- CVE-2024-9166 CVE record (CVE.org)
- CVE-2024-9166 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-09-26