Preface: It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, …
Synopsis: Mongoose is a cross-platform embedded web server and networking library whose functions cover different protocols (TCP, HTTP, WebSocket, Server MQTT client and broker). Its footprint is small, and it enables any Internet-connected device to function as a web server. Temperature and weather monitoring devices and Smart City sensors therefore make use of it. Most nuclear reactors use water as a moderator, which can also act as a coolant. So IoT temperature sensing is the major component in this area.
Reference: When the temperature sensor senses that the temperature exceeds the safety level, graphite is applied to slow neutron fission. So the logarithmic reduction of neutron energy per collision.
Vulnerability details: A vulnerability in Cesanta Mongoose could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on a targeted system. If the newly allocated data chances to hold a class, in C++ for example, various function pointers may be scattered within the heap data. If one of these function pointers is overwritten with an address to valid shellcode, execution of arbitrary code can be achieved.
Remedy: At the time this alert was first released, the vendor had not issued a security advisory.
Preface: An IoT device is similar to a delivery arm in the robotics concept. IoT devices are heavy-duty users of the Python language.
Python language married with IoT devices – For IoT, there is a variant of Python called MicroPython that lets you program for IoT in Python. Additionally, developers can use a Raspberry Pi to program IoT applications in Python.
Vulnerability details: A vulnerability in the urllib.parse.urlsplit and urllib.parse.urlparse components of Python could allow an unauthenticated, remote attacker to obtain sensitive information from a targeted system.
Synopsis: When a Python web application (Web Frameworks for Python) accepts a Unicode URL, the URL is converted to IDNA (Punycode) or ASCII for processing. This conversion decomposes certain Unicode characters in a way that can affect the netloc part of the URL, potentially resulting in requests being sent to an unexpected host.
Remark: urllib.parse.urlparse parses a URL into six components, returning a 6-item named tuple. This corresponds to the general structure of a URL: scheme://netloc/path;parameters?query#fragment.
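A check for the decomposition problem described in the synopsis above, as an added example (not code from the original post): it rejects a netloc whose NFKC-normalized form gains a URL delimiter that the raw string did not contain. The function names and sample URLs are assumptions constructed for illustration, and NFKC is used here as the compatibility normalization applied during IDNA processing.

```python
import unicodedata

# Characters that separate URL components. If normalization introduces one of
# them into the host part, the URL splits differently after conversion.
DELIMITERS = "/?#@:"


def extract_netloc(url):
    """Return the raw authority: text between '//' and the next '/', '?' or '#'."""
    _, sep, rest = url.partition("//")
    if not sep:
        return ""
    cut = [i for i in (rest.find(c) for c in "/?#") if i != -1]
    return rest[: min(cut)] if cut else rest


def netloc_is_safe(netloc):
    """Return False if NFKC normalization would add a delimiter to netloc."""
    if not netloc or netloc.isascii():
        return True
    # Delimiters already present (userinfo '@', port ':') are legitimate, so
    # drop them and look only at what normalization newly creates.
    stripped = netloc
    for ch in "@:#?":
        stripped = stripped.replace(ch, "")
    normalized = unicodedata.normalize("NFKC", stripped)
    if normalized == stripped:
        return True
    return not any(ch in DELIMITERS for ch in normalized)


def url_is_safe(url):
    """Apply the netloc check to a full URL string."""
    return netloc_is_safe(extract_netloc(url))


# Constructed sample URLs (reserved example/test names, not from the page).
SAMPLES = [
    "http://example.com/index.html",       # plain ASCII
    "http://b\u00fccher.example/",          # ordinary IDN label
    "http://example.com\u2100.test/path",  # U+2100 normalizes to "a/c"
    "http://example.com\uff03.test/path",  # U+FF03 normalizes to "#"
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(ascii(url), "safe" if url_is_safe(url) else "REJECT")
```

Run the check on the raw URL string before any IDNA or ASCII conversion, so the decision is made on what the client actually sent.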
Preface: This design flaw has caught my attention. Perhaps the supplier has no formal remediation solution yet, but the impact of this vulnerability seems to be broad!
Vulnerability detail: There is potential for memory corruption in the RIL daemon for the following reason: memory is dereferenced at a location outside the allocated array length in RIL.
Meaning of “dereference” (common criteria): The dereference operator or indirection operator, sometimes denoted by “*” (i.e. an asterisk), is a unary operator (i.e. one with a single operand) found in C-like languages that include pointer variables.
Preface: The Marvell 88W8897A SoC (System on a Chip) is the industry’s first 802.11ac chip to combine Bluetooth 4.2, mobile MIMO (Multi-input Multi-output), transmit beamforming, and with built-in support for all screen projection technologies.
Technology Background: Computer design focuses primarily on memory usage, and SoC (System on a Chip) design is no exception.
Vulnerability found: During Wi-Fi network scans, an overflow condition can be triggered, overwriting certain block pool data structures.
Exploitation of vulnerability: An attacker can exploit the ThreadX block pool overflow vulnerability to intercept network traffic or achieve code execution on the host system.
Remedy: Marvell encourages customers to contact their Marvell representative for additional support.
Remark: This vulnerability made headline news in mid-January 2019. However, we could not find any positive response announced by the vendor.
Japan is going to carry out infiltration of citizens' smart home devices. What do you think the goal is? Are they aware that a third party (enemy) has completed a surveillance program in their country, or are they trying to avoid becoming a botnet victim?
Preface: Maybe this is a trend! As we move toward the next-generation world (IoT 4.0), APT groups are also sniffing out the cybersecurity loopholes there!
Technical background: In the business world we understand the function of a broker. The situation is similar in the computer world, where a gateway or middleware is the equivalent of a broker. The modern computer world involves multiple vendors and multiple environments, so we cannot do without a broker. As a result, this area has become critical.
Preface: Electric vehicles (EVs) have no tailpipe emissions. Replacing conventional vehicles with EVs can help improve roadside air quality and reduce greenhouse gas emissions.
Technical background: Level 2 electric car chargers deliver 10 to 60 miles of range per hour of charging. They can fully charge an electric car battery in as little as two hours, making them an ideal option for both homeowners who need fast charging and businesses who want to offer charging stations to customers.
Subject matter expert: EVlink Parking is a charging station for shared usage or on-street use, developed by Schneider Electric.
Vulnerabilities found: Schneider Electric has become aware of multiple vulnerabilities in the EVLink Parking product (see below):
A SQL Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could give access to the web interface with full privileges.
A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier
A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier
Preface: IoT devices are a key component of a smart city. The communication protocols of these IoT devices are LoRa, Sigfox and NarrowBand (NB).
Background: In reality, a smart city cannot do without a WiFi setup for assistance. So WiFi is one of the key components in this family (Smart City).
Vendor Cisco follow-up on the TI BLE chips vulnerability – CVE-2018-16986: Cisco suggests verifying with the following command on the wireless AP device. If the device shows that the BLE function is not supported, the device is confirmed not vulnerable.
ap# show controllers bleRadio 0 interface
BLE not supported on this platform