The Complete Magazine on Open Source

Millions of IoT devices compromised by Devil’s Ivy bug

1.75K 0

IoT vulnerability Devil's Ivy

Researchers from IoT security firm Senrio have discovered Devil’s Ivy flaw in a code library called gSOAP. The flaw has affected millions of IoT devices — mainly including security cameras.

Devil’s Ivy flaw, tagged as CVE-2017-9765, is a stack buffer overflow bug that probes remote configuration services of a camera. The researchers have identified that the flaw is activated by sending a large XML file to a web server on a vulnerable system. It is hidden under gSOAP, which is an open source web services code library.

The open source library is imported by the M3004 camera of Axis Communications to remote configuration service. The flaw can be used to continually reboot the camera, block the owner from accessing video feed or to change the network settings.

According to the report, there are over 14,000 cameras that are exposed to the latest vulnerability. These cameras are used across the globe in healthcare, transport, retail, banking, government and critical infrastructure domains.

Genivia, the company that maintains gSOAP, has issued a security advisory alarming users about the issue.

gSOAP is downloaded used by millions of companies around the world. Genivia acknowledges that the vulnerability can cause an open unsecured server to crash or malfunction after 2GB of data is received. Moreover, the company has issued the security patch fixing the issue.

Linux distros also affect

In addition to the Axis camera range, the gSOAP vulnerability has apparently affected some Linux distributions as well. SUSE Linux is found to be one such platforms.

A recent SUSE bug report reveals that the flaw, discovered by its security response team, is currently marked as “in-progress” and is yet to be patched.

Past IoT flaws

It is not the first time when a vulnerability has been found in IoT devices. In last December, Sony IP cameras were spotted with a backdoor Linux flaw that affected as many as 80 camera models by the Japanese company. Infamous attacks like Mirai and BrickerBot also surfaced online in the recent past that alarmed the growing use of IoT.