Tuesday, October 12, 2021

Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows



Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. 

Cisco Talos recently discovered two vulnerabilities in the Anker Eufy Homebase. 

The Eufy Homebase 2 is the video storage and networking gateway that works with Anker’s Eufy Smarthome ecosystem. All Eufy devices connect to this cloud-connected device and allow users to adjust the settings on other Eufy Smarthome devices.

TALOS-2021-1369 (CVE-2021-21940) is a heap-based buffer overflow vulnerability in Homebase’s pushMuxer processRtspInfo functionality. An attacker could send a malicious packet to trigger this vulnerability, causing a heap-based buffer overflow. 

TALOS-2021-1370 (CVE-2021-21941) is a use-after-free vulnerability that could allow an attacker to execute remote code on the targeted device. Like the other vulnerability, an attacker needs to send a series of malicious packets to trigger this exploit. 

Cisco Talos worked with Anker to ensure that these issues are resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy

Users are encouraged to update these affected products as soon as possible: Anker Eufy Homebase 2, version 2.1.6.9h. Talos tested and confirmed these versions of Homebase could be exploited by this vulnerability. 

The following SNORTⓇ rules will detect exploitation attempts against this vulnerability: 58075 - 58080. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org. 

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.