Disclosed by security vendor Mandiant, the vulnerability impacts IoT devices that are powered by ThroughTek’s Kalay platform, which is often used by IoT camera manufacturers, as well as in smart baby monitors, and Digital Video Recorder (DVR) products.
“This vulnerability, discovered by researchers on Mandiant’s Red Team in late 2020, would enable adversaries to remotely compromise victim IoT devices, resulting in the ability to listen to live audio, watch real time video data, and compromise device credentials for further attacks based on exposed device functionality,” explained Mandiant.
Notably, this isn’t the first time CISA has had to step in to help plug a critical vulnerability in ThroughTek devices. A vulnerability detected by Nozomi Networks equipped hackers with just about the same snooping capabilities as the current vulnerability, minus the ability to control affected devices remotely.
Giving a high-level overview of the latest vulnerability, the researchers explain that it can be exploited by attackers to remotely communicate with and even control the affected IoT devices.
“At the time of writing this blog post, ThroughTek advertises having more than 83 million active devices and over 1.1 billion monthly connections on their platform,” say the researchers, who cannot pin down an exact number because of how the Kalay platform is integrated into devices.
Perhaps the only saving grace is that remotely compromising the affected devices isn’t straightforward. According to the researchers, an attacker would not only need comprehensive knowledge of the Kalay protocol, but would also have to trick users into handing over their Kalay unique identifiers (UIDs).
As such, the vulnerability was assigned a severity score of just 3.1/9.6 under the Common Vulnerability Scoring System (CVSS).
ThroughTek has already patched the vulnerability, and the researchers urge companies with products based on the Kalay platform to make sure they are using Kalay SDK v220.127.116.11 or v18.104.22.168, while also enabling the platform’s Authkey and Datagram Transport Layer Security (DTLS) features.
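The remediation advice above amounts to three checks per device: a patched Kalay SDK, Authkey enabled, and DTLS enabled. The following is an added example of how an operator might audit a fleet inventory against those three points; it is not code from the article, Mandiant or ThroughTek. The inventory format (a list of dicts with `id`, `sdk_version`, `authkey`, `dtls`), the device entries and the version strings are all constructed for illustration, and the minimum-version argument is a placeholder to be replaced with the patched release named in the vendor's advisory.

```python
"""Audit a constructed inventory of Kalay-based devices against the article's
three remediation points: patched SDK, Authkey enabled, DTLS enabled.
Added example; the inventory schema and all values are assumptions."""

from typing import Dict, List

# Constructed sample inventory. Device ids and version numbers are made up;
# the schema (id / sdk_version / authkey / dtls) is an assumption, not a
# ThroughTek format.
SAMPLE_INVENTORY = [
    {"id": "cam-01", "sdk_version": "v1.2.3", "authkey": True, "dtls": True},
    {"id": "cam-02", "sdk_version": "v1.2.0", "authkey": True, "dtls": False},
    {"id": "dvr-01", "sdk_version": "1.1.9", "authkey": False, "dtls": False},
    {"id": "baby-01", "sdk_version": "v1.2.3", "authkey": False, "dtls": True},
]


def parse_version(version: str):
    """Turn 'v1.2.10' into (1, 2, 10) so comparisons are numeric.

    A lexical comparison would rank '1.2.9' above '1.2.10'; splitting into
    integers avoids that. Raises ValueError on strings that are not dotted
    integers, which the caller reports rather than silently passing.
    """
    cleaned = version.strip().lstrip("vV")
    return tuple(int(part) for part in cleaned.split("."))


def audit(inventory: List[dict], min_version: str) -> Dict[str, List[str]]:
    """Return, per device id, the list of remediation items still outstanding.

    min_version is a placeholder threshold: supply the patched Kalay SDK
    release from the vendor advisory. An empty list means the device meets
    all three recommendations.
    """
    threshold = parse_version(min_version)
    findings: Dict[str, List[str]] = {}
    for device in inventory:
        issues: List[str] = []
        try:
            if parse_version(device["sdk_version"]) < threshold:
                issues.append("sdk_outdated")
        except ValueError:
            # Unknown firmware build: flag it, since it cannot be confirmed patched.
            issues.append("sdk_version_unparseable")
        if not device.get("authkey", False):
            issues.append("authkey_disabled")
        if not device.get("dtls", False):
            issues.append("dtls_disabled")
        findings[device["id"]] = issues
    return findings


if __name__ == "__main__":
    # "1.2.3" is a constructed threshold, not a real Kalay SDK release.
    for device_id, issues in audit(SAMPLE_INVENTORY, "1.2.3").items():
        status = "ok" if not issues else ", ".join(issues)
        print(f"{device_id}: {status}")
```

Devices with an unparseable version string are flagged rather than skipped, because a build that cannot be confirmed as patched should be treated as unpatched until the firmware is identified.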