Dave McDaniel of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.

Update (April 27, 2021): Cosori has released an update for this product that fixes these two vulnerabilities.

Cisco Talos recently discovered two code execution vulnerabilities in the Cosori smart air fryer.

The Cosori Smart Air Fryer is a WiFi-enabled kitchen appliance that cooks food with a variety of methods and settings. Users can also use the device’s Wi-Fi features to start and stop cooking, look up recipe guides and monitor cooking status.

TALOS-2020-1216 (CVE-2020-28592) and TALOS-2020-1217 (CVE-2020-28593) are remote code execution vulnerabilities that could allow an attacker to remotely inject code into the device. This could hypothetically allow an adversary to change temperatures, cooking times and settings on the air fryer, or start it without the user’s knowledge. The adversary must have physical access to the air fryer for some of these vulnerabilities to work.

An attacker could exploit these vulnerabilities by sending a specially crafted packet to the device that contains a unique JSON object, which would allow them to execute arbitrary code.

Cosori released an update that fixes these vulnerabilities on April 25.

Talos tested and confirmed that the Cosori Smart 5.8-Quart Air Fryer CS158-AF, version 1.1.0 could be exploited by these vulnerabilities.

The following SNORTⓇ rule will detect exploitation attempts against these vulnerabilities: 56729. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.