PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-21872 Electrolink CVE debrief

CVE-2024-21872 is a HIGH severity (CVSS 7.5) authentication bypass vulnerability affecting 24 Electrolink FM/DAB/TV transmitter models. Published 2024-04-16 by CISA, this flaw lets an unauthenticated attacker modify cookie values to reach hidden administrative pages and perform critical transmitter operations. The vulnerability impacts broadcast infrastructure across the DAB, FM, and TV transmitter product lines, with all versions affected. Electrolink has not responded to CISA coordination requests, leaving users without vendor patches. Immediate defensive measures include network segmentation, access controls, and monitoring for unauthorized cookie manipulation attempts.

Vendor
Electrolink
Product
10W Compact DAB Transmitter
CVSS
HIGH 7.5
CISA KEV
Not listed in stored evidence
Original CVE published
2024-04-16
Original CVE updated
2024-04-16
Advisory published
2024-04-16
Advisory updated
2024-04-16

Who should care

Broadcast operators, critical infrastructure defenders, and OT security teams managing Electrolink FM/DAB/TV transmitters should prioritize assessment and network segmentation given the unpatched status and critical operational impact potential.

Technical summary

The Electrolink transmitter web interface contains an authentication bypass vulnerability where cookie values can be modified by unauthenticated attackers to reveal hidden administrative pages. This grants access to critical transmitter operations without valid credentials. The flaw affects all versions of 24 transmitter models across DAB, FM, and TV product lines. No vendor patch is available as Electrolink has not engaged with CISA coordination efforts.

Defensive priority

critical

Recommended defensive actions

  • Segment Electrolink transmitter management interfaces from operational networks and untrusted access
  • Implement strict network access controls limiting web interface access to authorized management stations only
  • Monitor for anomalous cookie values or unexpected administrative page access attempts
  • Contact Electrolink directly for security updates given vendor non-response to CISA coordination
  • Apply CISA ICS recommended practices for defense-in-depth in industrial control environments
  • Consider out-of-band management alternatives where web interface exposure cannot be eliminated
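As an added illustration of the monitoring item above (example code, not from the advisory or from Electrolink), the following Python triages web-interface access logs for the two signals this page describes: cookie values that do not look server-issued, and administrative page requests without a session the login handler actually issued. The log line format, the cookie name `sid`, the 32-hex session-id shape and the `/admin/` and `/hidden/` path prefixes are assumptions chosen for the example; adapt them to what the device really emits.

```python
import re

# Assumed log shape: <client> <timestamp> "<method> <path>" <status> "Cookie: <header or ->"
LOG_RE = re.compile(r'^(\S+) (\S+) "(\S+) (\S+)" (\d{3}) "Cookie: (.*)"$')
SID_RE = re.compile(r"^[0-9a-f]{32}$")   # assumed shape of a server-issued session id
ADMIN_PREFIXES = ("/admin/", "/hidden/")  # assumed; not paths named in the advisory
ALLOWED_COOKIES = {"sid"}                 # assumed: the device sets only this cookie

# Constructed sample: one legitimate operator session and three suspicious clients.
SAMPLE_LOG = """\
10.0.0.5 2024-04-16T10:00:01Z "POST /login" 200 "Cookie: -"
10.0.0.5 2024-04-16T10:00:02Z "GET /status" 200 "Cookie: sid=9f0c2b4e1a7d3c5b8e6f0a1b2c3d4e5f"
10.0.0.5 2024-04-16T10:00:03Z "GET /admin/txctl" 200 "Cookie: sid=9f0c2b4e1a7d3c5b8e6f0a1b2c3d4e5f"
10.0.0.9 2024-04-16T10:05:00Z "GET /admin/txctl" 200 "Cookie: sid=admin"
10.0.0.9 2024-04-16T10:05:01Z "GET /hidden/config" 200 "Cookie: sid=1; level=9"
10.0.0.7 2024-04-16T10:06:00Z "GET /admin/txctl" 200 "Cookie: sid=ffffffffffffffffffffffffffffffff"
"""
# Constructed: session ids the login handler issued (from the auth log or session store).
ISSUED_SESSIONS = {"9f0c2b4e1a7d3c5b8e6f0a1b2c3d4e5f"}


def parse_cookies(header):
    """Turn 'a=1; b=2' into a dict; '-' means no Cookie header was sent."""
    if header == "-":
        return {}
    pairs = (p.split("=", 1) for p in header.split("; ") if "=" in p)
    return {k.strip(): v.strip() for k, v in pairs}


def flag_requests(log_text, issued_sessions):
    """Return one (client, path, reasons) tuple per request that shows signs of
    cookie tampering or administrative access without a server-issued session."""
    alerts = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        client, _ts, _method, path, _status, cookie_hdr = m.groups()
        cookies = parse_cookies(cookie_hdr)
        sid = cookies.get("sid")
        reasons = []
        extra = set(cookies) - ALLOWED_COOKIES
        if extra:  # keys the device never sets, e.g. a privilege flag added by the client
            reasons.append(f"unexpected cookie keys {sorted(extra)}")
        if sid is not None and not SID_RE.match(sid):
            reasons.append(f"malformed session cookie {sid!r}")
        if path.startswith(ADMIN_PREFIXES) and (sid is None or sid not in issued_sessions):
            reasons.append("admin page without server-issued session")
        if reasons:
            alerts.append((client, path, "; ".join(reasons)))
    return alerts
```

Feed the real access log and the session ids your login handler issued; every alert is a candidate for the network-control and vendor-contact steps listed above.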

Evidence notes

CISA ICS Advisory ICSA-24-107-02 documents this vulnerability with CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. The advisory confirms Electrolink's non-response to mitigation coordination. Affected products span 24 transmitter models across DAB (10W–5kW), FM (100W–40kW), and TV (VHF/UHF) product families.

Official resources

2024-04-16