Security Advisories: 20250530
Doc No. Robustel_SA_20250530
Updated May 30th, 2025
Robustel has released a firmware security update for all RobustOS and RobustOS Pro devices. This update addresses a Linux kernel security issue in the RobustOS and RobustOS Pro firmware.
If you are utilizing Public IP SIMs or believe that your network requires enhanced protection, we recommend downloading and installing the latest firmware update through the RCMS. Should you have any questions or need assistance, please do not hesitate to contact the Robustel Support Team.
DETAILS
This section summarizes the potential impact that this security update addresses. Descriptions use CWE™, and base scores and vectors use CVSS3.0 standards.
CVE IDs | Summary | Base Score | Vector |
CVE-2024-1086 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. | 7.8 | CVSS:3.1/AV:L/AC:L/PR: L/UI:N/S:U/C:H/I:H/A:H |
SECURITY UPDATES
The following table lists the products affected, versions affected, and the updated version that includes this security update.
To upgrade the device firmware,
- you can either remotely deploy the corresponding firmware version to the device directly through RCMS.
- or download the firmware from the Robustel knowledge base to perform a local upgrade.
CVE IDs Addressed | Vulnerability Report Date | Product Name | Affected Versions | Updated Version |
CVE-2024-1086 | 01/31/2024 | All RobustOS and
RobustOS Pro Devices
| RobustOS: V3.x and V5.x
RobustOS Pro: V2.x
| RobustOS: V5.3.5
RobustOS Pro: V2.3.4
|
Mitigation
RobustOS: Upgrade to version V5.3.5
RobustOS Pro: Upgrade to version V2.3.4
Initial Publication Date
May 30th, 2025
REVISION HISTORY
Revision | Date | Description |
1.0 | May 30th, 2025 | Initial release
|
SUPPORT
For any inquiries regarding this security bulletin, please reach out to the Robustel Support Team.
Related Articles
Security Advisories: 20241220
Doc No. Robustel_SA_20241220 Updated December 20th, 2024 Robustel has released a firmware security update for all RobustOS devices. This update addresses an OpenSSH and OpenSSL security issue in the RobustOS firmware. If you are utilizing Public IP ...
Security Advisories: 20220810
Doc No. Robustel_SA_20220810 Updated August 10th, 2022 Robustel has released a firmware security update for all RobustOS devices. This update addresses security issues in the RobustOS firmware that may lead to arbitrary command execution and ...