Headline
CVE-2022-38789: Airties Information Security Policy | Airties
An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference.
With the aim of becoming the Worldwide #1 provider of technology and solutions to Broadband operators for smart in-home Wi-Fi solutions, Airties commits to protect confidentiality, availability and integrity of corporate information, personally identifiable information, information systems and business processes of Airties’ and its stakeholder’s.
Corporate information security covers, all parties with access to Airties information systems, including employees, visitors, contractors and consultants and all information (data) processed by Airties information systems regardless of whether it is electronic or in paper (hard copy) form.
All employees of Airties are acting to protect the valuable corporate information by preventing and eliminating information security risks through:
- Comply with applicable ISO27001:2013 and legal requirements and other requirements to which Airties subscribers relative to its business activities.
- Perform information security risk assessments or all information systems on a regular basis in order to identify key information risks and determine the controls required to keep those risks within acceptable limits.
- Educate, train and motivate employees to carry out tasks by considering information security, create continual raising of awareness, protect corporate information and improve the Information Security Management System.
- Regardless of their mission and position, all employees, suppliers and consultants follow corporate information security policies and procedures in order to protect Airties from undesired effects of possible information security incident.
- Timely inform the Information Security Desk in case of witnessing of any kind of information security incident to increase success of incidence response efforts.
Unit Heads are the primary responsible for information security within their area of responsibility. They are responsible of conducting business processes by conforming to this Information Security Policy and related security policy and procedures.
To meet these aims and conform to best practice, Airties is committed to implementing Information Security Management System and related the security controls as set out in the ISO/IEC 27002:2013 standard.
Top Management is also committed to providing the required resources for establishing, implementing, maintaining, and continually improving an Information Security Management System.
Any nonconformity to corporate security standards will be accepted as a security policy violation and be processed according to corporate disciplinary procedures.