Devil's ivy: failure detected in security cameras
Table of contents:
The security of our devices, both smartphones and computers, is something that worries us. Therefore, we routinely have security patches and updates available. The problem arises when faults are detected in other devices that do not receive such updates with the same frequency.
Devil's Ivy: Bug detected on security cameras
A security company called Senrio has discovered a vulnerability (CVE-2017-9765) in a third-party development library called gSOAP toolkit. They have named this vulnerability Devil's Ivy. And what is achieved by exploiting such vulnerability is a buffer overflow that allows a hacker to remotely cause Demon to crash. Thus, being able to execute the arbitrary code on the device in question.
Exploit in security cameras
This failure has been discovered by analyzing a security camera from the company Axis Communications. When attackers take advantage of such failure they can access the camera feed or even block the owner from accessing the feed. Thus taking full control of the camera.
This problem is especially relevant when we consider that there are security cameras that store essential information. Think of those located in banks or sensitive areas of companies. They can be helpful in the event of robbery or terrorist attacks. But a vulnerability like Devil's Ivy can allow access to these cameras and allow the information to fall into unwanted hands.
Axis, the first affected, has revealed that the problem exists in all its models (around 250). Other companies such as Siemens, Hitachi or Canon may also be affected by this vulnerability. Some like Axis have already released a security patch. The rest are working on correcting this problem. What do you think of a security flaw like Devil's Ivy?
New security flaw detected in macos high sierra
New security flaw detected in macOS High Sierra. Find out more about the new vulnerability detected in the system in two months.
A critical security flaw has been detected on the oneplus 6
A critical security flaw has been detected on the OnePlus 6. Find out more about the security flaw affecting your phone that should be fixed soon.
Exploit detected that uses a winrar failure to install backdoor
An exploit detected that uses a bug in WinRAR to install backdoor. Find out more about this flaw in the program and what it means.