Security News > 2023 > May > Belkin Wemo Smart Plug V2 – the buffer overflow that won’t be patched

Belkin Wemo Smart Plug V2 – the buffer overflow that won’t be patched
2023-05-16 20:59

Researchers at IoT security company Sternum dug into a popular home automation mains plug from well-known device brand Belkin.

Even though there are probably loads of these affected devices in use in the real world, Belkin apparently said that it considered the device to be "At the end of its life" and that the security hole will therefore not be patched.

The problem that the researchers discovered was a good old stack buffer overflow in the part of the device software that allowed you to change the so-called FriendlyName of the device - the text string that is displayed when you connect to it with an app on your phone.

The Belkin programmers apparently reserved 68 bytes of temporary storage to keep track of the new name when you renamed the device.

Instead, they assumed that you'd use their official phone app to perform the device renaming process, and thus that they could control the amount of data sent to the device in the first place, and thus head off any buffer overflow that way.

The researchers were quickly able to try ever-longer names to the point that they could crash the Wemo device at will by writing over the end of the memory buffer reserved for the new name, and corrupting data stored in the bytes that immediately followed.


News URL

https://nakedsecurity.sophos.com/2023/05/16/belkin-wemo-smart-plug-v2-the-buffer-overflow-that-wont-be-patched/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Belkin 14 0 2 6 12 20