IOActive Security Advisory | KUNBUS Revolution Pi – Multiple Vulnerabilities
KUNBUS GmbH (KUNBUS) develops and offers products and solutions for industrial communication in automation, process, manufacturing and drive technology. This includes a comprehensive portfolio of real-time Ethernet and fieldbus-based protocol technology on state-of-the-art hardware platforms, as well as stacks suitable for the sensor level with IO-Link and IO-Link Wireless and the entry into wireless communication technology.
IOActive Security Advisory | Movistar 4G Router – Multiple Vulnerabilities
IOActive found that the Android Debug Bridge (ADB) is listening on all interfaces and gives access to a shell with root privileges; a malicious actor with access to the same network that the router is providing access to will have full control of the device. A malicious actor can send a specific payload to the gui.cgi using the ping_traceroute_process functionality to execute arbitrary commands as the privileged root user. IOActive saw a general lack of protection against cross-site request forgery (CSRF) attacks. CVE-2024-2414, CVE-2024-2415, CVE-2024-2416
IOActive Security Advisory | Hikvision Camera Denial of Service
CVE-2023-28811. The Hikvision DS-7732NI-14(B) is a 32-channel Network Video Recorder (NVR). IOActive had the opportunity to assess the DS-7732NI-I4 and identified one high-risk vulnerability. This issue could be exploited to cause a denial of service (DoS) to the device.
IOActive Security Advisory | Lamassu Douro Bitcoin ATM – Multiple Vulnerabilities
Supporting security advisory/disclosure document (CVE-2024-0175, CVE-2024-0176 and CVE-2024-0177) supporting the Lamassu Douro Bitcoin ATM research by Gabriel Gonzalez, IOActive Director of Hardware Security. IOActive had access to few of these machines, specifically to Lamassu’s Douro ATM. This provided the team with the opportunity to assess the security of these devices – more specifically, to attempt to gain full control over them – assuming the role of an attacker with the same physical access to the device that a regular customer might have.
IOActive Security Advisory | Socomec NET VISION – Multiple Vulnerabilities
IOActive Security Advisory/Disclosure document (CVE TBA) by Daniel Martinez, IOActive Senior Security Consultant, of the multiple vulnerabilities discovered in the Socomec NET VISION devices. Socomec, Inc. (Socomec) is an electrical equipment design and manufacturing company, specializing in low-voltage energy performance in terms of safety, service continuity, quality and energy efficiency. NET VISION is a professional network adapter for monitoring and controlling UPS units from a remote location. It allows direct connection of a UPS to the IPv4 or IPv6 Ethernet network, thereby enabling remote management of the UPS using a…
IOActive Advisory – ID TECH Disclosure
IOActive response to ID TECH’s advisory on the APDU stack overflow research by Josep Pi Rodriguez.
Microsoft Bluetooth Driver Spoofing Vulnerability
CNJ PJeOffice Remote Code Execution in Update Mechanism
Brasil CNJ’s Processo Judicial Eletrônico (PJe) system processes judicial data with the objective of fulfilling the needs of the Brazilian Judiciary Power: the Superior, Military, Labor, and Electoral Courts; the courts of both the Federal Union and individual states; and specialized justice systems that handle ordinary law and employment tribunals at both the federal and state level. The main goal of PJeOffice is to guarantee the legal authenticity and integrity of documents and processes through digital signatures. It is employed by lawyers, judges, and high-level officials, such as prosecutors and…
Moog EXO Series Multiple Vulnerabilities
Moog Inc. (Moog) offers a wide range of camera and video surveillance solutions. These can be network-based or part of more complex tracking systems. The products affected by the vulnerabilities in this security advisory are part of the EXO series, “built tough to withstand extreme temperature ranges, power surges, and heavy impacts.” These units are configurable from a web application. The operating systems running on these cameras are Unix-based. ONVIF Web Service Authentication Bypass Undocumented Hardcoded Credentials Multiple Instances of Unauthenticated XML External Entity (XXE) Attacks statusbroadcast Arbitrary Command Execution…
Verint PTZ Cameras Multiple Vulnerabilities
Verint Systems Inc. (Verint) sells software and hardware solutions to help its clients perform data analysis. Verint also offers IP camera systems and videos solutions. Most of these cameras are configurable from a web application. The operating systems running on these cameras are Unix-based. DM Autodiscovery Service Stack Overflow FTP root User Enabled Undocumented Hardcoded Credentials Access the Advisory (PDF)