January 27, 2016
The Internet of Things security challenge is twofold: finding bugs and, more urgently, fixing them.
Cisco’s Talos security intelligence and research group found and privately disclosed a serious and trivially exploitable client-side bug in MiniUPnP that was patched in September of last year.
The problem is how many vendors applied the patch in their products, and how many admins knew about the patch and deployed it on networks worldwide.
The vulnerability (CVE-2015-6031) is a buffer overflow in the MiniUPnP library, which facilitates local communication between devices behind a firewall. A successful exploit gives an attacker remote code execution capabilities on a device, and quite likely further access inside the local network.