IoT researchers from cybersecurity firm Bitdefender have identified several vulnerabilities in popular cameras from Wyze, Roku and Owlet that could allow attackers to fully compromise the devices.
According to a Bitdefender blog post, the vulnerabilities exist in the ThroughTek Kalay Platform, a framework that powers more than 100 million devices globally. Four vulnerabilities were disclosed in the platform, affecting devices from those three manufacturers; when chained together, they allow unauthorized root access from within the local network, as well as remote code execution that completely takes over the device.
Here is what Bitdefender says about those three impacted devices:
Owlet Cam v1 and v2
Owlet Cam uses the ThroughTek Kalay solution to communicate with clients over the Internet. The three vulnerabilities (CVE-2023-6323, CVE-2023-6324, and CVE-2023-6321) can be chained together to allow an attacker to obtain root access from the local network and then to execute commands on the device. On Owlet Cam, command execution is obtained via CVE-2023-6321 – a vulnerability in IOCTL message 0x6008E, which is used to unpack archives containing OTA updates.
Wyze Cam v3
Bitdefender researchers have identified three vulnerabilities in Wyze Cam v3. They are tracked as CVE-2023-6322, CVE-2023-6323, and CVE-2023-6324. Chained together, these vulnerabilities allow an attacker to obtain root access from the local network. In this case, command execution on the Wyze Cam v3 is obtained via CVE-2023-6322 – a stack-based buffer overflow vulnerability in the handler of IOCTL message 0x284C that is used to set the motion detection zone.
Roku Indoor Camera SE
The vulnerabilities in the Roku Indoor Camera SE are identical to those in Wyze Cam v3 (and potentially other security cameras). Bitdefender researchers have daisy-chained CVE-2023-6322, CVE-2023-6323, and CVE-2023-6324 to obtain the necessary prerequisites for talking to the camera and for running OS commands as root user.
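The bug class behind CVE-2023-6322 on both the Wyze Cam v3 and the Roku Indoor Camera SE is a stack-based buffer overflow in the handler of an IOCTL message. The following C example, added here and not code from Bitdefender, Wyze, Roku or ThroughTek, shows the generic shape of that defect beside the hardened form: a handler that sizes its copy from a peer-supplied length field versus one that bounds the copy by its own buffer and fails closed. The message id 0x284C is taken from the article; the frame layout, buffer sizes and function names are assumptions made for the illustration and do not describe the real Kalay wire format or the vendors' firmware.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed frame layout for this example only: little-endian 16-bit
 * message id, little-endian 16-bit payload length, then the payload.
 * The real Kalay IOCTL framing is not described on the page; assumed here. */
#define MSG_SET_MOTION_ZONE 0x284C   /* message id named in the article */
#define MAX_PAYLOAD         256      /* assumed size of the receive buffer */
#define ZONE_BUF_SIZE       64       /* assumed size of the handler's stack buffer */

struct ioctl_msg {
    uint16_t id;
    uint16_t len;                    /* peer-supplied, therefore untrusted */
    uint8_t  payload[MAX_PAYLOAD];
};

/* Parse a raw frame. Returns 0 on success, -1 if the frame is truncated
 * or the declared length exceeds what was actually received. */
int parse_msg(const uint8_t *buf, size_t n, struct ioctl_msg *out)
{
    if (buf == NULL || out == NULL || n < 4) return -1;
    out->id  = (uint16_t)(buf[0] | (buf[1] << 8));
    out->len = (uint16_t)(buf[2] | (buf[3] << 8));
    if (out->len > n - 4 || out->len > MAX_PAYLOAD) return -1;
    memcpy(out->payload, buf + 4, out->len);
    return 0;
}

/* VULNERABLE pattern: the copy length comes from the message, not from the
 * destination. Any len > ZONE_BUF_SIZE writes past the end of `zone` on
 * the stack. Kept only for contrast; never call it with an oversized len. */
int handle_set_zone_vulnerable(const struct ioctl_msg *m)
{
    uint8_t zone[ZONE_BUF_SIZE];
    memcpy(zone, m->payload, m->len);        /* no bound check */
    return (int)zone[0];                     /* use the buffer so it is not optimised away */
}

/* HARDENED pattern: reject anything that cannot fit and bound the copy by
 * the destination size. Returns the first zone byte, -1 if the payload is
 * too large, -2 if the message id is wrong. */
int handle_set_zone_hardened(const struct ioctl_msg *m)
{
    uint8_t zone[ZONE_BUF_SIZE];
    if (m->id != MSG_SET_MOTION_ZONE) return -2;
    if (m->len > sizeof zone) return -1;     /* fail closed on oversized payload */
    memcpy(zone, m->payload, m->len);
    memset(zone + m->len, 0, sizeof zone - m->len);
    return (int)zone[0];
}

/* Run a raw frame through parse and the hardened handler. Returns the
 * handler's result, or -3 if the frame itself did not parse. */
int dispatch_frame(const uint8_t *buf, size_t n)
{
    struct ioctl_msg m;
    if (parse_msg(buf, n, &m) != 0) return -3;
    return handle_set_zone_hardened(&m);
}

/* Build a constructed frame: id 0x284C, declared length `len`, payload
 * filled with `fill`. Returns the number of bytes written, 0 if cap is
 * too small. */
size_t build_frame(uint8_t *buf, size_t cap, uint16_t len, uint8_t fill)
{
    if (cap < (size_t)4 + len) return 0;
    buf[0] = (uint8_t)(MSG_SET_MOTION_ZONE & 0xFF);
    buf[1] = (uint8_t)(MSG_SET_MOTION_ZONE >> 8);
    buf[2] = (uint8_t)(len & 0xFF);
    buf[3] = (uint8_t)(len >> 8);
    memset(buf + 4, fill, len);
    return (size_t)4 + len;
}
```

The two checks that matter are in `parse_msg` (declared length must not exceed the bytes actually received) and in `handle_set_zone_hardened` (payload must fit the stack buffer). A 200-byte zone payload parses fine but is rejected by the hardened handler, whereas the vulnerable handler would copy it straight over the return address region of its frame. Building the firmware with `-fstack-protector-strong` turns that overwrite into a crash rather than code execution, but it is no substitute for the bound check.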
According to Bitdefender, the ramifications of these IoT security bugs extend far beyond the realm of theoretical exploits and directly impact the privacy and safety of users.
The company reported the findings to the impacted companies. Updated versions of firmware and SDKs have been published for those devices.