RCE exploit for Wyze Cam v3 publicly released, patch now

October 30, 2023 at 05:56PM

A security researcher has published a proof-of-concept exploit for Wyze Cam v3 devices, allowing attackers to take control of vulnerable cameras. The exploit takes advantage of two flaws in the firmware, enabling remote code execution and the ability to overwrite stack memory. Wyze has released a firmware update to address the issues, but the researcher criticized their timing and patching strategies. Users should apply the security update promptly and isolate their cameras if unable to update.

Key Takeaways:
– A security researcher named Peter Geissler discovered two flaws in the latest Wyze Cam v3 firmware that allow for remote code execution and takeover of vulnerable devices.
– The first flaw is an authentication bypass problem with DTLS, allowing attackers to bypass security measures using arbitrary PSKs during the TLS handshake.
– The second flaw involves improper handling of a specific array in the iCamera code, leading to a stack buffer overflow and potential execution of malicious code on the camera.
– Geissler released an exploit on GitHub that combines these two flaws, providing attackers with an interactive Linux root shell and turning vulnerable cameras into persistent backdoors.
– The exploit has been tested and confirmed to work on specific firmware versions, but Wyze has released a patch (version 4.36.11.7071) that addresses the vulnerabilities.
– Wyze’s patching strategy has caused controversy, as Geissler claims the patch was released after a competition registration deadline, potentially allowing competing teams to abandon their exploit efforts.
– Wyze maintains that they were not aware of the issue for years and patched it promptly after receiving a report in their bug bounty program.
– It is unclear at this time whether the bug exists in other devices’ firmware, and Wyze is currently investigating.
– Now that the exploit is publicly available, there is a risk of mass exploitation in the future, and users are advised to apply the firmware update as soon as possible.
– If unable to update, users should isolate their Wyze cameras from networks that serve critical devices.