CVE-2025-35004: CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in Microhard IPn4Gii / Bullet-LTE Firmware

Severity: High
Type: Vulnerability
Tags: CVE-2025-35004, cve, cve-2025-35004, cwe-88
Published: Sun Jun 08 2025 (06/08/2025, 21:05:01 UTC)
Source: CVE Database V5
Vendor/Project: Microhard
Product: IPn4Gii / Bullet-LTE Firmware

Description

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFIP command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing.

AI-Powered Analysis

Last updated: 07/09/2025, 01:28:04 UTC

Technical Analysis

CVE-2025-35004 is a high-severity vulnerability in the firmware of Microhard's IPn4Gii-NA2 and BulletLTE-NA2 devices. The flaw is an instance of CWE-88, improper neutralization of argument delimiters in a command, commonly known as argument injection. It resides in the AT+MFIP command interface, which is used for device management and configuration. An authenticated attacker with at least low privileges can exploit it by injecting malicious command arguments through the AT+MFIP command, leading to privilege escalation: the attacker gains higher-level access than originally permitted and can potentially execute arbitrary commands with elevated privileges.

The CVSS 3.1 score of 7.1 reflects high severity: the attack vector is local (AV:L), attack complexity is low (AC:L), low privileges are required (PR:L), and no user interaction is needed (UI:N). The impact on confidentiality and integrity is high, as attackers can manipulate device behavior and potentially access sensitive data or disrupt operations. Availability is not directly affected.

At the time of publication, no patches or fixes have been released, increasing the risk for organizations using these devices. The vulnerability is particularly concerning because these devices are often deployed in critical communication infrastructures, including industrial, transportation, and remote monitoring systems, where LTE connectivity is essential. Exploitation could lead to unauthorized control over network devices, undermining network security and operational reliability.

Potential Impact

For European organizations, the impact of this vulnerability could be significant, especially for those relying on Microhard IPn4Gii or Bullet-LTE devices for critical communications infrastructure. These devices are commonly used in industrial automation, transportation networks, and remote telemetry systems. Exploitation could allow attackers to escalate privileges and execute unauthorized commands, potentially leading to data breaches, manipulation of network traffic, or disruption of services. This could affect sectors such as energy, manufacturing, logistics, and public transportation, where LTE-based communication devices are integral. Given the local attack vector and the requirement for authentication, insider threats or attackers who have gained initial access to the network could leverage this vulnerability to deepen their foothold. The lack of available patches increases the urgency for organizations to implement compensating controls. Additionally, compromised devices could be used as pivot points for lateral movement within networks, increasing the risk of broader compromise. The confidentiality and integrity of sensitive operational data could be severely impacted, leading to regulatory and compliance challenges under frameworks like GDPR and the NIS Directive.

Mitigation Recommendations

1. Immediate network segmentation: Isolate Microhard IPn4Gii and Bullet-LTE devices within dedicated network segments with strict access controls to limit exposure.
2. Restrict access to management interfaces: Ensure that only authorized personnel can access the AT command interface, preferably through secure channels such as VPNs or jump hosts with multi-factor authentication.
3. Monitor and log all AT command usage: Implement detailed logging and real-time monitoring to detect anomalous or unauthorized command injection attempts.
4. Employ strict authentication and authorization policies: Even though the vulnerability requires low privileges, enforcing strong authentication mechanisms can reduce risk.
5. Disable or restrict the use of the AT+MFIP command if not required for operational purposes.
6. Engage with Microhard for updates: Maintain close contact with the vendor to obtain patches or firmware updates as soon as they become available.
7. Conduct regular vulnerability assessments and penetration testing focused on these devices to identify exploitation attempts.
8. Implement intrusion detection/prevention systems (IDS/IPS) tuned to detect command injection patterns targeting these devices.
9. Prepare incident response plans specific to device compromise scenarios to minimize impact in case of exploitation.
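For recommendations 3 and 8, the following added example (not vendor or CVE-record code) shows one way to review logged AT command usage for AT+MFIP invocations whose parameters carry argument delimiters, the pattern CWE-88 describes. The log layout, the comma-separated parameter grammar and the character allowlist are assumptions made for illustration; adapt them to the logs and command syntax your devices actually produce.

```python
import re

# Constructed sample log. The "<time> <user> <command>" layout is an
# assumption, not the device's real log format.
SAMPLE_LOG = """\
2025-06-09T10:00:01Z operator AT+MFIP?
2025-06-09T10:00:07Z operator AT+MFIP=0,192.0.2.10
2025-06-09T10:01:12Z operator AT+MFIP=0,192.0.2.10 --example-option
2025-06-09T10:02:30Z operator AT+MFIP=-x,192.0.2.10
2025-06-09T10:03:00Z operator AT
"""

LINE = re.compile(r"^\S+ \S+ AT\+MFIP(?P<rest>.*)$", re.IGNORECASE)
# Assumed allowlist: a field starts with an alphanumeric character and
# contains only characters an address or index would need.
SAFE_FIELD = re.compile(r"[A-Za-z0-9][A-Za-z0-9.:/_-]*")

def review(line):
    """Return the reasons an AT+MFIP log line looks like argument injection."""
    m = LINE.match(line)
    if not m:
        return []                      # not an AT+MFIP invocation
    rest = m.group("rest")
    if rest in ("", "?", "=?"):
        return []                      # query forms carry no parameters
    if not rest.startswith("="):
        return ["unexpected text after command name"]
    reasons = []
    for field in rest[1:].split(","):
        if field.startswith("-"):
            reasons.append("field begins with an option delimiter '-'")
        elif re.search(r"\s", field):
            reasons.append("whitespace splits field into extra arguments")
        elif not SAFE_FIELD.fullmatch(field):
            reasons.append("empty field or character outside allowlist")
    return reasons

def findings(log_text):
    """Map 1-based line numbers to reasons for every flagged line."""
    result = {}
    for number, line in enumerate(log_text.splitlines(), start=1):
        reasons = review(line)
        if reasons:
            result[number] = reasons
    return result

if __name__ == "__main__":
    for number, reasons in findings(SAMPLE_LOG).items():
        print(f"line {number}: {'; '.join(reasons)}")
```

The same field check can serve as an input filter on a jump host or management proxy placed in front of the AT command interface.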

Technical Details

Data Version: 5.1
Assigner Short Name: AHA
Date Reserved: 2025-04-15T20:40:30.571Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6845fd8e71f4d251b567fadc

Added to database: 6/8/2025, 9:15:58 PM

Last enriched: 7/9/2025, 1:28:04 AM

Last updated: 9/20/2025, 9:05:32 AM
