Mandiant publishes details of the critical vulnerability in IoT devices from ThroughTek. Since the gap is classified as 3.0 out of 9.6 according to the CVSS10 score, it is considered critical.
According to Mandiant's findings, this vulnerability affects millions of IoT devices that use the ThroughTek "Kalay" network. At the time of publication, Mandiant is unable to compile a comprehensive list of affected devices. However, ThroughTek reports on its website of more than 83 million IoT devices that may be affected. These include internet-connected cameras, baby monitors, and digital video recorders ("DVR" products).
Vulnerability in more than 83 million devices?
The attackers can use the vulnerability (CVE-2021-28372) to remotely compromise the devices and include:
- Listen to live audio
- View video data in real time
- Compromise data information for further attacks based on the capabilities of the hacked device
According to the current version of CVSS v3.0, a score of 0,0 means a “None” rating, a score of 0,1 to 3,9 is rated “Low” and a score between 4,0 and 6,9 is synonymous with the severity "Medium". And a result between 9,0 and 10,0 receives a "critical" rating.
In a blog post, Mandiant has summarized the data and research results collected over the months, as well as recommendations for smart device users.
More at FireEye.com
About Trellix Trellix is a global company redefining the future of cybersecurity. The company's open and native Extended Detection and Response (XDR) platform helps organizations facing today's most advanced threats gain confidence that their operations are protected and resilient. Trellix security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to support over 40.000 business and government customers.