The second-generation version of Belkin’s Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely.
The issue, assigned the identifier CVE-2023-27217, was discovered and reported to Belkin on January 9, 2023, by Israeli IoT security company Sternum, which reverse-engineered the device and gained firmware access.
Wemo Mini Smart Plug V2 (F7C063) offers convenient remote control, allowing users to turn electronic devices on or off using a companion app installed on a smartphone or tablet.
The heart of the problem lies in a feature that makes it possible to rename the smart plug to a more “FriendlyName.” The default name assigned is “Wemo mini 6E9.”
“The name length is limited to 30 characters or less, but this rule is only enforced by the app itself,” security researchers Amit Serper and Reuven Yakar said in a report shared with The Hacker News, adding that the validation was not applied by the firmware code.
As a result, circumventing the character limit by using a Python module named pyWeMo can lead to a buffer overflow condition, which can then be reliably exploited to crash the device or, alternatively, trick the code into running malicious commands and take over control.
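The device-side check that the report says was missing, sketched in C as an added example (this is not Belkin's firmware or Sternum's code). The struct, function and status names are hypothetical; only the 30-character limit and the default name come from the article.

```c
#include <stdio.h>
#include <string.h>

#define FRIENDLY_NAME_MAX 30   /* limit the article says only the app enforces */

/* Hypothetical config record; the real firmware layout is not shown here. */
struct plug_config {
    char friendly_name[FRIENDLY_NAME_MAX + 1];   /* +1 for the NUL terminator */
};

enum name_status { NAME_OK, NAME_EMPTY, NAME_TOO_LONG, NAME_BAD_ARG };

/*
 * Device-side setter. `len` is the byte count received from the client,
 * so the check holds even when the caller bypasses the companion app.
 * Over-length names are rejected and the stored name is left untouched.
 */
enum name_status set_friendly_name(struct plug_config *cfg,
                                   const char *name, size_t len)
{
    size_t n = 0;

    if (cfg == NULL || name == NULL)
        return NAME_BAD_ARG;
    while (n < len && name[n] != '\0')   /* bounded scan, never past len */
        n++;
    if (n == 0)
        return NAME_EMPTY;
    if (n > FRIENDLY_NAME_MAX)
        return NAME_TOO_LONG;
    memcpy(cfg->friendly_name, name, n);  /* n <= 30, buffer holds 31 */
    cfg->friendly_name[n] = '\0';
    return NAME_OK;
}

int main(void)
{
    struct plug_config cfg = { "Wemo mini 6E9" };
    char oversized[64];                   /* constructed test input */

    memset(oversized, 'A', sizeof oversized);
    printf("31 bytes -> %d\n", set_friendly_name(&cfg, oversized, 31));
    printf("30 bytes -> %d\n", set_friendly_name(&cfg, oversized, 30));
    printf("stored length: %zu\n", strlen(cfg.friendly_name));
    return 0;
}
```

Rejecting the over-length name, rather than silently truncating it, also gives the device a clear event to log when a client sends input the app would never produce.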
Belkin, in response to the findings, has said that it does not plan to address the flaw owing to the fact that the device is reaching end-of-life (EoL) and has been replaced by newer models.
“It appears that this vulnerability could be triggered via the Cloud interface (meaning, without a direct connection to the device),” the researchers cautioned.
In the absence of a fix, users of Wemo Mini Smart Plug V2 are advised to avoid exposing them directly to the internet and to ensure that appropriate segmentation measures are implemented if they have been deployed in sensitive networks.
“This is what happens when devices are shipped without any on-device protection. If you only rely on responsive security patching, as most device manufacturers do today, two things are certain: you will always be one step behind the attacker, and one day the patches will stop coming,” said Igal Zeifman, vice president of marketing for Sternum.
Some parts of this article are sourced from:
thehackernews.com