Monday, July 13, 12:26 p.m.
Home security HiSilicon: Found backdoor on chips used on millions of devices

HiSilicon: Found backdoor on chips used on millions of devices

HISILICONThe Russian researcher security Vladislav Yarmak revealed yesterday that there is one backdoor mechanism in HiSilicon chips, which are integrated into millions smart Appliances around the world (eg security cameras, DVRs, NVRs etc.).

Still no correction has been released, as Yarmak did not inform HiSilicon about the security issue. As he said, he has no confidence in her abilities company for correct correction of the backdoor.

Yarmak posted one report at Habr, containing a detailed analysis of the backdoor. According to the expert, this is a combination of four old bugs / backdoors discovered in March 2013, March 2017, July 2017, and September 2017.

"Obviously, over the years HiSilicon has been reluctant or unable to provide adequate security fixes for the same backdoor, which, incidentally, was deliberately implemented," Yarmak said.

How it works backdoor;

According to the security researcher, an attacker can take advantage of the backdoor by sending a series of commands, via TCP port 9530, to Appliances using HiSilicon chips.

These commands will activate the Telnet service on the vulnerable device.

Yarmak says once the Telnet service is installed, the attacker can connect to one of the following Telnet credentials and yes acquire access into a root account, thus gaining full control over the vulnerable device.

These Telnet logins had been found hardcoded in the HiSilicon chip firmware in previous years, but according to Yarmak, the company didn't do anything about them.

Proof-Of-concept queues

As we said above, Yarmak doesn't trust HiSilicon, so he didn't inform her about the security issue. So there is no one at this time patch. However, the researcher did proof-of-concept (PoC) code that can be used to check whether a "smart" device works with the HiSilicon on-chip (SoC) system and whether the SoC is vulnerable to type attack mentioned above.

If a device is vulnerable, it should be done replacement of equipment.

"Given previous false fixes for this particular backdoor, it is unwise to expect firmware security fixes from the company," Yarmak said. "Owners of such devices should consider finding alternatives."

If owners of vulnerable devices do not have the financial means to change equipment, they must “severely restrict access network on these devices, so that only trusted users can enter ”, especially on ports 23 / tcp, 9530 / tcp, 9527 / tcp (which can be used in attacks).

The proof-of-concept code is available at GitHub. Instructions can be found in the researcher's post at Habr.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Germany: Impose sanctions on Russia over Bundestag hacking

Germany has formally proposed that the European Union impose sanctions on Russian individuals responsible for large-scale hacking of ...

Google Chrome: Increases battery life on laptops and smartphones

While Google's Chrome browser had a tough time, its competitors took the opportunity. In response, the company gave ...

USA: New team investigates financial crimes in cyberspace!

The US Secret Service is joining forces with cybercrime and cybercrime services in a group ...

Hacker stole 336 BTC from cryptocurrency company Cashaa

British cryptocurrency company Cashaa reported that hackers took more than 336 Bitcoin from the company. The company has stopped all ...

Higher fees from Facebook for vulnerabilities in Hermes

In an announcement on Friday, Facebook stated that it is going to increase the rewards in its bug bounty program, for ...

Hacker violates American cybersecurity company for revenge!

A hacker claims to have violated the backend servers belonging to an American cybersecurity company and ...

TrickBot malware accidentally warns victims that they have been infected

The famous TrickBot malware accidentally left a test module that warns the victims that they are infected and should contact ...

Financial institutions: The risk of data breach is higher!

According to a report, financial institutions tend to be at greater risk of data breach due to a lack of proper security controls ....

Google Chrome: Import, export and backup stored passwords

Google Chrome Password Manager lets you save usernames and passwords and ...

Apple: do not cover the camera on MacBook devices

Many users today have a habit of covering their laptop camera in order to protect themselves from any surveillance through it. However...