New York, November 13, 2024 —OvrC flaws expose IoT devices to hijacking risks. Discover how weak security controls in cloud management create a new wave of vulnerabilities in IoT networks.
A recent security analysis reveals that critical vulnerabilities in Snap One’s OvrC platform could allow attackers to remotely hijack IoT devices, posing severe risks to millions of users.
The OvrC platform, widely used for managing and troubleshooting IoT devices across homes and businesses, has been found vulnerable to 10 exploitable flaws, leaving connected devices, such as cameras, routers, and automation systems, exposed to unauthorized control.
These vulnerabilities, identified by cybersecurity firm Claroty and detailed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), allow attackers to bypass authentication and control devices remotely.
Critical vulnerabilities like CVE-2023-28649 and CVE-2023-31241 can enable attackers to impersonate hubs, claim unregistered devices, and even execute code by uploading malicious firmware.
The cross-claim issue stems from weak device-to-cloud interface controls. Attackers can hijack, disrupt, and even elevate privileges on devices, turning them into potential attack vectors within their networks.
The CISA warning highlights the need for swift updates, as such vulnerabilities can allow attackers to weaponize devices for surveillance or execute harmful operations. Snap One released patches to address these flaws; however, the incident calls for improved security in IoT device management across all platforms.
With cloud control systems becoming the norm, securing these interfaces is essential to prevent extensive breaches.
As IoT reliance grows, the implications of these vulnerabilities could be severe, threatening data privacy and device integrity across millions of connected households and businesses.
Other News At VPNRanks
- Tewkesbury Council’s ‘Cyber Attack’ Turns Out to Be a False Alarm
- China Hacks US Telecom Giants, Spies on Top Officials’ Calls
- WPLMS WordPress Flaw Exposes Sites to Full Control Hacks
Hey, wait!
Stay informed on the latest privacy updates, cybersecurity insights, and internet freedom news by following VPNRanks news daily! As your primary resource for critical updates in online security, we ensure you’re always in the know. Make VPNRanks your go-to guide for safeguarding your digital life!
