Manufacturers of smart devices ignore the safety of devices sold on the market
I promise to simplify my life, but come with my own problems and vulnerabilities. According to a Bitdefender study, most smart devices on the market can be easily attacked remotely, mainly because of operating system vulnerabilities
The most common type of vulnerability identified is Denial of Service (DoS), which accounts for 42% of all firmware-related security errors. This means the device becomes permanently or temporarily inoperative.
The second place is buffer overflow (21%), vulnerabilities that, depending on the complexity of the exploit code, allow the attacker to arrogate extensive rights on the device, restrict the user's access to certain services, enter the network, or to evade and delete data.
According to the data collected last month by the Bitdefender BOX security solution:
- 95% of vulnerabilities detected in smart devices are firmware-related
- 42% of all firmware-related security errors involve restricting access to services, which means the device becomes permanently or temporarily inoperable
- More than 9,000 of the identified vulnerabilities had already been made public, which means that anyone could consult them to write a code for their exploitation
In 10% of the systems analyzed, the firmware was susceptible to remote code execution which, when exploited, makes the device fully under attacker control. In 7% of cases, errors were identified that could be used to gain access to information on the device, which helps villains identify software components that they can attack or get details about the network they are connecting to .
The presence on smart devices of a vulnerable firmware is common in the Internet of Things (IoT) universe, where, in most cases, a firmware solution developed by a single manufacturer is used for products of the same category of different vendors, leading to flooding the market with vulnerable devices
Among the scanned systems is a wide range of smart devices including TVs, thermostats, webcams, home access systems, gaming consoles, refrigerators, washing machines and internet-connected air conditioners, switches and lighting, sockets or motion sensors
Bitdefender BOX is a security device fully developed in Romania, already delivered to countries like the United States of America, France, Germany and Japan