Products: AirLink® Gateways running ALEOS 4.5.2 or older
Date of issue: 4 September 2017
The Sierra Wireless security team has discovered a new malware threat targeting gateways running ALEOS 4.5.2 or older that are directly reachable from the public internet and not on a private network. Read the Full Bulletin Here
We take such threats seriously and are actively working with law enforcement, network operators and affected customers to conclusively determine the source of the malware and assist in remediation of affected gateways.
To date, we have only received reports of LS300, GX400 and GX440 gateways being affected. However, we advise all customers running ALEOS 4.5.2 or older on any devices to immediately follow the recommended actions below.
To reduce your exposure to online security threats, Sierra Wireless recommends that all customers
immediately perform the following three actions:
1. Ensure that strong, unique passwords are used for both the user and viewer accounts on the
a. In ACEmanager or ALMS, navigate to Admin > Change Password
b. Set a strong, unique password for both the user and viewer accounts.
2. Disable remote access to ACEmanager if it is not required:
a. In ACEmanager or ALMS, navigate to Services > ACEmanager
b. Set ACEmanager Access – OTA to OFF
3. Ensure you are running to most recent available firmware for your gateway. The following
details the most current firmware for all AirLink® Products:
Product Most recent firmware version
Configuration changes and firmware updates can be performed on individual gateways using
ACEmanager or on multiple gateways at the same time using AirLink Management Service (ALMS).
ALMS is free for customers with up to 15 gateways. For more information please visit
Contact USAT for more details-