iLnkP2P vulnerability affects 2 million IoT devices

A serious security hole has been found in iLnkP2P, a P2P communication software component deployed on millions of IoT devices. Hackers can hijack and access nearly 2 million IoT devices and remotely control them. iLnkP2P is used in security cameras and webcams, monitors, smart doorbells and digital video recorders. Attackers can exploit the vulnerabilities to eavesdrop, steal passwords, and carry out remote attacks.

Researcher Paul Marrapese, who discovered the vulnerability, said it affected 2 million IoT devices worldwide, including devices from HiChip, TENVIS, SV3C, VStarcam, Wanscam, NEO Coolcam, Sricam, EyeSight, and HVCAM. Because iLnkP2P is used in multiple brands of IoT devices, vulnerable devices are difficult to identify, but a specific serial number (UID) can be used to identify them.

The researchers said that each ID begins with a unique letter prefix that identifies the manufacturer that produced the device, and many companies have white-labeled devices that include the iLnkP2P software. Devices with the following prefixes are vulnerable.

Image: krebsonsecurity

It is reported that 39% of vulnerable IoT products are in China, 19% in Europe and 7% in the United States. The researchers notified some equipment suppliers but did not receive a response.

CVE-2019-11219 is an enumeration vulnerability in iLnkP2P that allows an attacker to quickly discover online devices. CVE-2019-11220 refers to the iLnkP2P authentication vulnerability, which allows an attacker to intercept a device’s connection, perform a man-in-the-middle attack, and remotely control the device.

Via: krebsonsecurity