Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Preprint |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://arxiv.org/abs/2406.15103 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1866908760604147712 |
|---|---|
| author | Stabili, Dario Bocchi, Tobia Valgimigli, Filip Marchetti, Mirco |
| author_facet | Stabili, Dario Bocchi, Tobia Valgimigli, Filip Marchetti, Mirco |
| contents | Consumer IP cameras are now the most widely adopted solution for remote monitoring in various contexts, such as private homes or small offices. While the security of these devices has been scrutinized, most approaches are limited to relatively shallow network-based analyses. In this paper, we discuss a methodology for the security analysis and identification of remotely exploitable vulnerabilities in IP cameras, which includes static and dynamic analyses of executables extracted from IP camera firmware. Compared to existing methodologies, our approach leverages the context of the target device to focus on the identification of malicious invocation sequences that could lead to exploitable vulnerabilities. We demonstrate the application of our methodology by using the Tenda CP3 IP camera as a case study. We identified five novel CVEs, with CVSS scores ranging from 7.5 to 9.8. To partially automate our analysis, we also developed a custom tool based on Ghidra and rhabdomancer. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2406_15103 |
| institution | arXiv |
| publishDate | 2024 |
| record_format | arxiv |
| spellingShingle | Finding (and exploiting) vulnerabilities on IP Cameras: the Tenda CP3 case study Stabili, Dario Bocchi, Tobia Valgimigli, Filip Marchetti, Mirco Cryptography and Security Consumer IP cameras are now the most widely adopted solution for remote monitoring in various contexts, such as private homes or small offices. While the security of these devices has been scrutinized, most approaches are limited to relatively shallow network-based analyses. In this paper, we discuss a methodology for the security analysis and identification of remotely exploitable vulnerabilities in IP cameras, which includes static and dynamic analyses of executables extracted from IP camera firmware. Compared to existing methodologies, our approach leverages the context of the target device to focus on the identification of malicious invocation sequences that could lead to exploitable vulnerabilities. We demonstrate the application of our methodology by using the Tenda CP3 IP camera as a case study. We identified five novel CVEs, with CVSS scores ranging from 7.5 to 9.8. To partially automate our analysis, we also developed a custom tool based on Ghidra and rhabdomancer. |
| title | Finding (and exploiting) vulnerabilities on IP Cameras: the Tenda CP3 case study |
| topic | Cryptography and Security |
| url | https://arxiv.org/abs/2406.15103 |