December 11, 2023 at 10:12AM
Google announced patches for high- and moderate-severity vulnerabilities in Chromecast, disclosed at the HardPwn USA 2023 competition. Three exploits were recognized, with reward recipients named. Vulnerabilities include supply chain interception and Android TV streaming box malware injection. Exploits allow persistent code execution without the user’s knowledge. Additionally, researchers identified attack vectors and potential exploits in KeyChainActivity.
The key takeaways are:
1. Google has recently announced patches for high- and moderate-severity vulnerabilities in Chromecast, which were exploited at a hacking competition.
2. The vulnerabilities affect Amlogic chips, specifically the U-Boot subcomponent, and include a KeyChain issue in the System component.
3. Researchers, credited by Google, discovered and exploited these vulnerabilities at the HardPwn USA 2023 hacking competition.
4. DirectDefense published a blog post detailing a Secure Boot exploit chain developed by the researchers, which could aid attackers in obtaining persistent code execution without the victim’s knowledge.
5. There are concerns about supply chain interception, with potential malware injection into Android TV streaming boxes sold through third-party retailers.
6. The researchers identified attack vectors such as eMMC fault injection, an Android Verified Boot bypass, and a Bootloader Control Block (BCB) persistence method, which enable persistent hacks and code execution without user knowledge.
7. Other vulnerabilities in Android, particularly related to the KeyChain, were also discovered by some researchers and are being reviewed by Google.
8. The Chromecast exploit by a different group of researchers allowed them to compromise the device and install malicious firmware that is invisible to the user while the device retains full functionality.