![]() In some environments, fairly sophisticated IT teams may be closely tracking their IP cameras, and staying completely on top of firmware updates. Many of these devices are fairly high-end, protecting significant enterprise or government assets. Perhaps by the time you’ll visit, Sony will have shared this info a bit more prominently. ![]() We can’t find anything yet on its main Security or News or Support Center pages, or anything suggesting a serious security issue on its Resources page. Sony’s website seems to have been equally circumspect about notifying its customers. It has asked Sony about this… but so far, radio silence. SEC Consult suspects the backdoors may have been “introduced by Sony developers on purpose (maybe as a way to debug the device during development or factory functional testing)”. (You’ll need to: it’s full of non-native English like: “About 30 minutes by the time the one-target version up completes or it drives.”) Decompress the firmware package, paying close attention to the 16-page PDF instruction manual. You’ll need Sony’s accompanying SNC Tool Box utility, too. If you own one (or 1,000) of these, go and download the firmware update stat, here. Happy ending, right? Sure, assuming every Sony IPELA camera owner on Earth quickly updates their firmware. Finally, after getting all these ducks in a row, SEC Consult publicly released its security advisory on December 6. Over the following week, CERT-BUND, CERT-at, and the Forum of Incident Response Teams were notified. Sony released updated firmware on November 28 and informed SEC Consult. SEC Consult’s blog entry walks through every step involved in bootstrapping an attack that first sends HTTP requests, authenticates, finds hidden CGI capabilities, uses them to start Telnet network services that were previously turned off by default, and then logs in with root privileges to a Linux shell, taking full control of the device.Īccording to its detailed Security Advisory, SEC Consult notified Sony on October 14, followed up twice to ask for progress updates, and was informed on November 8 that Sony was working on a fix. (SEC Consult carefully avoided trying: “We have not cracked the root password, but it’s only a matter of time until someone will.”) The password associated with user “admin” was, sure enough, “admin”.Ī second password hash, for the user “root”, appeared almost equally easy to break. ![]() They quickly discovered multiple sets of hard-coded password hashes. Its researchers first discovered these holes in early October, while testing another firmware update. SEC Consult found backdoors that could allow attackers “to run arbitrary code on the affected IP cameras… to take a foothold in a network and launch further attacks, disrupt camera functionality, send manipulated images/video, add cameras into a Mirai-like botnet or to just simply spy on you”. But, as security researchers at SEC Consult recently discovered, Sony might have done just that with 80 models of its Sony IPELA Engine IP Cameras. Security is tough enough without product developers punching backdoors into their own IP devices and then shipping them unpatched.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |