Security News > 2021 > October > Rickroll Grad Prank Exposes Exterity IPTV Bug
Cybersecurity star-in-the-making and recent high-school graduate Minh Duong found, and was able to exploit, a zero-day bug in the district's Exterity IPTV system.
The goof was received in good humor by school administrators, luckily for Minh and his cohorts, and the bug was reported to Exterity.
"CVE-2021-42109 has been reserved for the Exterity IPTV privesc vulnerabilities, with my blog post being listed as a reference."
"The Big Rick," as the prank was called, came off beautifully - hijacking every TV, projector and monitor on the district's IPTV system to play Rick Astley's classic video for "Never Gonna Give You Up.".
"Since freshman year, I had complete access to the IPTV system," he said.
According to its company site, Exterity is used across the world to deliver broadcast-quality television over IP networks.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-08 | CVE-2021-42109 | Insecure Default Initialization of Resource vulnerability in Vitec products VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root. | 10.0 |