CVE-2023-35835 is a critical vulnerability affecting the SolaX Pocket WiFi 3 device, versions up to 3.001.02. This device is designed to provide a WiFi access point primarily for initial configuration purposes. However, the vulnerability arises because the WiFi network it broadcasts is permanently open—lacking any form of network authentication such as WPA2/WPA3 encryption keys. This open network remains active even after the device has been enrolled and setup is complete, which is a significant security oversight. The exposed WiFi network hosts a web-based configuration utility and an unauthenticated ModBus protocol interface. ModBus is a communication protocol commonly used in industrial environments for supervisory control and data acquisition (SCADA) systems. The absence of authentication on these interfaces means that any attacker within wireless range can connect to the device, access the configuration utility, and interact with the ModBus interface without restriction. This can lead to unauthorized configuration changes, data theft, or disruption of device operation. The vulnerability has a CVSS 3.1 base score of 9.8, indicating critical severity, with attack vector being network (remote), no privileges or user interaction required, and impacts on confidentiality, integrity, and availability all rated high. Although no known exploits in the wild have been reported yet, the ease of exploitation and the critical impact make this a significant threat. The lack of vendor or product-specific details beyond the device name limits the scope of direct vendor mitigation guidance, but the technical nature of the vulnerability is clear and straightforward.

For European organizations, especially those involved in energy management, industrial automation, or smart grid deployments where SolaX Pocket WiFi 3 devices might be used, this vulnerability poses a severe risk. Attackers can gain unauthorized access to device configurations and control interfaces, potentially leading to manipulation of energy data, disruption of energy flow, or denial of service conditions. This can affect operational continuity, cause financial losses, and damage trust in critical infrastructure. The unauthenticated ModBus interface is particularly concerning as it is often used in industrial control systems; unauthorized commands could lead to unsafe operational states or equipment damage. Confidentiality breaches could expose sensitive operational data, while integrity and availability impacts could disrupt services. Given the permanent nature of the open WiFi network, attackers do not need to wait for initial setup phases, increasing the window of exposure. This vulnerability could also facilitate lateral movement within a network if the device is connected to broader enterprise or industrial networks. The critical CVSS score underscores the urgency for European organizations to address this issue promptly to avoid potential exploitation.

1. Immediate network segmentation: Isolate the SolaX Pocket WiFi 3 devices on a dedicated VLAN or network segment with strict access controls to limit exposure to authorized personnel only. 2. Disable or restrict the WiFi access point if possible: If the device firmware or configuration allows, disable the open WiFi network after initial setup or restrict its broadcast range to minimize attacker proximity. 3. Implement physical security controls: Ensure devices are located in secure areas to prevent unauthorized physical access or proximity-based attacks. 4. Monitor network traffic: Deploy intrusion detection/prevention systems (IDS/IPS) to detect anomalous activity targeting the device’s IP addresses or ModBus protocol communications. 5. Use network-level authentication and encryption: If the device supports firmware updates or configuration changes, request or apply patches that enable WiFi authentication and encryption. 6. Vendor engagement: Contact the device manufacturer or vendor for firmware updates or security advisories addressing this vulnerability. 7. Disable or restrict ModBus interface access: If possible, configure the device to require authentication for ModBus or disable it if not needed. 8. Audit and log access: Maintain detailed logs of access to the device’s configuration utility and ModBus interface to detect unauthorized attempts. 9. Consider alternative devices: For new deployments, evaluate alternative devices with stronger security postures and authentication mechanisms. These mitigations go beyond generic advice by focusing on network architecture, physical security, and active monitoring tailored to the specific vulnerability characteristics.