Millions of IoT Devices Exposed to Attacks Due to Cloud Platform Vulnerability
Researchers at FireEye's threat intelligence and incident response unit Mandiant have identified a critical vulnerability that exposes millions of IoT devices to remote attacks.
The flaw was found in a core component of the Kalay cloud platform for IoT devices offered by ThroughTek, a Taiwan-based company that provides IoT and M2M solutions for surveillance, security, smart home, cloud storage, and consumer electronics systems.
Mandiant researchers discovered in late 2020 that the platform, which is used by millions of IoT devices from many vendors, is affected by a critical vulnerability that can be exploited to remotely hack affected systems.
Since many of the impacted devices are video surveillance products - this includes IP cameras, baby monitors and digital video recorders - exploiting the vulnerability could allow an attacker to intercept live audio and video data.
Dillon Franke, one of the Mandiant researchers who discovered the vulnerability, told SecurityWeek that while the UID cannot be obtained through brute-forcing, there are other ways to obtain the data, including for mass attacks.
"Mandiant has discovered vendor-specific endpoints that could allow an attacker to enumerate valid UIDs. Additionally, an attacker on a public network such as airport wifi could capture and decode a victim connecting to their Kalay device to obtain the victim's UID. Therefore, mass attacks are possible," Franke explained.