Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Disclosures | ADVISORIES | April 23, 2018

HooToo Security Advisory

HT-TM05 is vulnerable to unauthenticated remote code execution in the /sysfirm.csp CGI endpoint, which allows an attacker to upload an arbitrary shell script that will be executed with root privileges on the device.

Launch PDF
Tao Sauvage
Disclosures | ADVISORIES | July 26, 2017

Physical and Authentication Bypass in Diebold Opteva ATM

Historically, ATMs have been designed without privileged separation between the safe and the internal operating system. In an attempt to address this security concern, Diebold developed the AFD platform. The Opteva line of ATMs with the AFD platform contain an upper cabinet for the operating system and a lower cabinet for the safe, each with its own authentication requirements. Using reverse engineering and protocol analysis, IOActive found a critical vulnerability in the tested version of the Opteva ATM with the AFD platform. Despite its separation of privilege and authentication requirements,…

Launch PDF
Mike Davis & Josh Hammond
Disclosures | ADVISORIES | July 19, 2017

Ninebot by Segway miniPRO Vulnerabilities

Ninebot Limited, which purchased Segway Inc. in 2015, sells a line of self-balancing motorized electric scooters used for transportation under 30km/h. Recently, issues regarding the safety of scooters have surfaced, primarily caused by poor manufacturing quality or a general lack of safety-centered design.

Launch PDF
Thomas Kilbride
Disclosures | ADVISORIES | March 8, 2017

Secure Messaging Application Vulnerabilities Identified

IOActive security researchers tested versions 1.4.2 for Windows and OS X and 4.0.4 for Android, of the Confide messaging application by reverse engineering the published application, observing its behavior, and interacting with the public API. During the evaluation, multiple security vulnerabilities of varying severities were identified, with corresponding attacker exploitation risks ranging from account impersonation and message tampering, to exposing user contact details and hijacking accounts. The issues were reported to the vendor through responsible disclosure and many, including those identified as being critical, were subsequently addressed and resolved quickly…

Launch PDF
Mike Davis Ryan O'Horo & Nick Achatz
Disclosures | ADVISORIES | December 7, 2016

Security Vulnerabilities in Routers

The LB-LINK BL-WR2000 router, manufactured in China and sold world-wide, contains a critical vulnerability that allows an attacker to extract the admin credentials from the login page and gain access to the web admin interface. IOActive has identified 3 high to critical vulnerabilities in the product. An attacker could exploit these issues to fully compromise the device.

Launch PDF
Tao Sauvage
Disclosures | ADVISORIES | August 3, 2016

Multiple Vulnerabilities in BHU WiFi “uRouter”

The BHU WiFi uRouter, manufactured and sold in China, contains multiple critical vulnerabilities. An unauthenticated attacker could bypass authentication, access sensitive information stored in its system logs, and in the worst case, execute OS commands on the router with root privileges. In addition, the uRouter ships with hidden users, SSH enabled by default and a hardcoded root password…and injects a third-party JavaScript file into all users’ HTTP traffic. IOActive has identified seven medium to critical risk vulnerabilities in the product. An attacker could exploit these issues to fully compromise the…

Launch PDF
Tao Sauvage
Disclosures | ADVISORIES | July 21, 2016

Multiple Vulnerabilities in D-Link DCS-5009L IP Camera

The D-Link DCS-5009L IP Camera can be used to remotely monitor your home. It can be accessed via the D-Link Cloud or configured to upload recordings to an FTP server, as well as send notifications by email. The DCS-5009L can rotate and tilt, and has night vision and movement detection. IOActive has identified four high-risk and two low-risk vulnerabilities in the D-Link DCS-5009L IP Camera. An attacker could exploit these issues to fully compromise the confidentiality, integrity, and availability of the product.

Launch PDF
Tao Sauvage

Commonalities in Vehicle Vulnerabilities

2022 Decade Examination Update | With the connected car now commonplace in the market, automotive cybersecurity has become the vanguard of importance as it relates to road user safety. IOActive has amassed over a decade of real-world vulnerability data illustrating the issues and potential solutions to cybersecurity threats today’s vehicles face.

This analysis is a major update and follow-up to the vehicle vulnerabilities report originally published in 2016 and updated in 2018. The goal of this 2022 update is to deliver current data and discuss how the state of automotive cybersecurity has progressed over the course of 10 years, making note of overall trends and their causes.