Digital photo frames running the Uhale app have been found to automatically download and execute malware upon booting. Quokka security analysts uncovered that various models from brands like BIGASUO and WONNIE share vulnerabilities, exposing users to severe risks. These vulnerabilities allow attackers to gain full control over the devices, potentially leading to widespread network compromises as the frames maintain continuous connections to networks.
The exploitation route primarily involves the Uhale app’s weak security certificate validation during network communications. Attackers can intercept the device’s connections and inject malicious code due to a faulty custom security validator. With a hardcoded encryption key and systemic issues such as SELinux being disabled, attackers can gain root access, allowing them to execute arbitrary commands and compromise sensitive data. Several spyware malware packages have been identified, indicating serious security flaws within these commonly used devices.
👉 Pročitaj original: Cyber Security News
