Millions Of IoT Devices Vulnerable To Attacks Leads To Full Takeover

Researchers discovered four significant vulnerabilities in the ThroughTek Kalay Platform, which powers 100 million IoT-enabled devices.

Notably, ThroughTek Kalay’s influence emphasizes the importance of protecting homes, companies, and integrators alike with its widespread presence in security cameras and other devices.

The affected cameras are the Roku Indoor Camera SE, Wyze Cam v3, and Owlet Cam v1 and v2.

When combined, the identified vulnerabilities tracked as CVE-2023-6321, CVE-2023-6322, CVE-2023-6323, and CVE-2023-6324 allow for both remote code execution to fully compromise the victim device and unauthorized root access from within the local network.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers

“When chained together, these vulnerabilities facilitate unauthorized root access from within the local network, as well as remote code execution to completely subvert the victim device”, BitDefender researchers shared with Cyber Security News.

Overview Of The Significant Vulnerabilities

CVE-2023-6321 Owlet Camera OS Command Injection

This vulnerability enables the complete compromise of the device by enabling an authorized user to execute system commands as the root user.

“An attacker can make authenticated requests to trigger this vulnerability,” reads the advisory.

CVE-2023-6322 Stack-Based Buffer Overflow

Through a stack-based buffer overflow vulnerability in the handler of an IOCTL message—a feature commonly used to configure motion detection zones in cameras—attackers can obtain root access. 

This is a vulnerability unique to certain gadgets with motion detection capabilities.

CVE-2023-6323 ThroughTek Kalay SDK Insufficient Verification

This vulnerability presents a way for a local attacker to gain the AuthKey secret without authorization, hence facilitating an attacker’s initial connection to the victim’s device.

CVE-2023-6324 ThroughTek Kalay SDK Error In Handling The PSK Identity

This takes advantage of a flaw that lets attackers infer the pre-shared key for a DTLS session, which is a necessary requirement to establish a connection and communicate with the target devices.

Affected Vendors

The Roku Indoor Camera SE, Wyze Cam v3, and Owlet Cam v1 and v2 have been identified as the affected cameras.

Recommendation

Bitdefender reported these vulnerabilities to ThroghTek on October 19, 2023, and the vendor has subsequently patched them.

It is advised that users of the affected devices ensure they have updated every update that is available. 

On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free

Sneka

Recent Posts

Nearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi Networks

Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as "GruesomeLarch"…

1 day ago

240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft

Microsoft's Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by Egypt-based…

2 days ago

Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in Central…

2 days ago

Earth Kasha Upgraded Their Arsenal With New Tactics To Attack Organizations

Earth Kasha, a threat actor linked to APT10, has expanded its targeting scope to India,…

2 days ago

Raspberry Robin Employs TOR Network For C2 Servers Communication

Raspberry Robin, a stealthy malware discovered in 2021, leverages advanced obfuscation techniques to evade detection…

2 days ago

145,000 ICS Systems, Thousands of HMIs Exposed to Cyber Attacks

Critical infrastructure, the lifeblood of modern society, is under increasing threat as a new report…

2 days ago