August 5, 2024 at 04:17PM
Researchers warn that tens of thousands of Ubiquiti Inc. small office/home office (SOHO) devices are vulnerable to a five-year-old bug, potentially leading to denial-of-service attacks. Despite patches, around 20,000 devices remain vulnerable, with risks of data leakage and unauthorized access. The issue highlights the broader challenge of IoT security and the need for automatic updates.
From the provided meeting notes, it is evident that tens of thousands of small office/home office (SOHO) devices sold by Ubiquiti Inc. remain vulnerable to a five-year-old bug, even though it has been patched and acknowledged. Researchers from Rapid7 were able to find nearly 500,000 vulnerable devices, and around 20,000 devices are still susceptible to exploitation.
Moreover, compromised devices can not only be utilized in a SOHO botnet for denial-of-service (DoS) attack amplification but can also leak potentially sensitive data. This includes specific information about the devices, owners’ names, locations, and even business addresses. The exposed privileged process found on port 7004 can be exploited to communicate with the devices without any authentication, posing a significant security risk.
It is highlighted that despite the availability of simple fixes and patches for the affected products, tens of thousands of devices in the wild remain unpatched. This issue sheds light on the broader challenges of IoT security, implying the importance of patching IoT devices and the need for automatic updates enabled by default.
The key takeaway from the meeting notes is the urgent need to address the remaining vulnerable devices and to raise awareness about the significance of IoT security for end users.