Security professional Yunus Cadirci discovered a vulnerability in the Universal Plug and Play (UPnP) networking protocol that could expose billions of smart home devices to cyberattack.
As explained on a dedicated website, the CallStranger bug's use for exflitration mainly impacts corporate networks, while the network-scanning and DDoS exploits target consumer Internet of Things devices.
Cadirci thinks the flaw could affect billions of devices, as it extends to Windows devices, Xboxes, and most TVs and routers.
Since he reported CallStranger to the UPnP-maintaining Open Connectivity Foundation, the group has published updates for the protocol.
Cadirci recommends consumers disable UPnP on their home Wi-Fi router, and he has posted a Python script on GitHub to let users scan their local network for susceptible devices.
From Tom's Guide
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found