Researchers have recently discovered four crucial vulnerabilities in the ThroughTek Kalay Platform, which is responsible for powering over 100 million IoT-enabled devices. The widespread influence of ThroughTek Kalay underscores the significance of protecting homes, businesses, and integrators from potential security breaches, given its prominent presence in security cameras and other devices.

The vulnerable cameras identified include the Roku Indoor Camera SE, Wyze Cam v3, and Owlet Cam v1 and v2. These vulnerabilities, tracked as CVE-2023-6321, CVE-2023-6322, CVE-2023-6323, and CVE-2023-6324, enable remote code execution to fully compromise the victim device and unauthorized root access from within the local network.

BitDefender researchers have highlighted the severity of these vulnerabilities, stating that when exploited together, they allow unauthorized root access within the local network and remote code execution to completely take over the victim device.

One of the vulnerabilities, CVE-2023-6321, enables an attacker to execute system commands as the root user, leading to the complete compromise of the device. In the case of CVE-2023-6322, a stack-based buffer overflow vulnerability allows attackers to obtain root access by exploiting the handler of an IOCTL message used for configuring motion detection zones in cameras.

Another vulnerability, CVE-2023-6323, provides a loophole for a local attacker to acquire the AuthKey secret without permission, facilitating the initial connection to the victim’s device. Lastly, CVE-2023-6324 leverages a flaw in handling the pre-shared key for a DTLS session, enabling attackers to infer the key needed to establish a connection with the target devices.

The affected vendors, including Roku Indoor Camera SE, Wyze Cam v3, and Owlet Cam v1 and v2, have been made aware of these vulnerabilities. Bitdefender reported the vulnerabilities to ThroughTek on October 19, 2023, and the vendor has promptly released patches to address these security flaws. Users of the impacted devices are strongly advised to ensure they have installed all available updates to mitigate the risks posed by these vulnerabilities.

In conclusion, the discovery of these vulnerabilities in the ThroughTek Kalay Platform serves as a stark reminder of the potential security threats faced by IoT-enabled devices. It underscores the importance of robust cybersecurity measures to safeguard against unauthorized access and exploitation. By staying vigilant and promptly applying security updates, users can strengthen the security posture of their devices and protect themselves from potential cyber threats.

Link na izvor