Default Hard-Coded Credentials Expose Seagate Wireless Hard Drives to Attacks

Exterminator

Thread author
Seagate fixes the problems through a firmware update
Three severe vulnerabilities have been found in the firmware of three Seagate wireless hard drive product lines. All three have been properly disclosed to the company and have now been fixed through the release of firmware updates.

The three affected Seagate hard drive device lines are LaCie FUEL, Seagate Wireless Mobile Storage, and Seagate Wireless Plus Mobile Storage.

Responsible for discovering the vulnerabilities are Mike Baucom, Allen Harper, and J. Rach, all security researchers for Tangible Security.

Hard-coded credentials are to blame
The first security vulnerability (CVE-2015-2874) is an issue relating to the hard drive's design.

In default configurations, the same default admin password used to configure the device can also be used via Telnet, together with the root username.

This allows any malicious user to gain access to the Telnet root account and subsequently get control over the hard drive itself, along with all the files stored inside it.

The second and third vulnerabilities (CVE-2015-2875, CVE-2015-2876) can be exploited when the hard drive again uses the default configuration.

When the attacker is in the hard drive's wireless range, these vulnerabilities can be exploited to provide unrestricted download and upload capabilities to the device.

Firmware updates have been released to fix the issues
The security researchers that have discovered these bugs confirm that firmware versions between 2.2.0.005 and 2.3.0.014 are affected. Samsung's 3.4.1.105 firmware update should fix the reported problems.

This is not the first time hard-coded credentials have caused problems. Just two weeks ago, we reported on a case which allowed attackers to hijack five types of DSL, SOHO (small office / home office) WiFi routers.

Hard-coded credentials aren't a problem, in general, since they are needed to configure most wireless devices in the first place. As with most cases, problems arise when these hard-coded credentials are reused via Telnet connections.
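
For anyone tracking these drives in an asset inventory, the version range quoted above can be checked mechanically. The following is an added example, not part of the original post and not Seagate code: the device names and inventory entries are constructed, and treating anything at or above 3.4.1.105 as carrying the fix is an assumption.

```python
# Added example: triage firmware versions against the ranges quoted in the article.
AFFECTED_MIN = "2.2.0.005"   # lowest version the researchers confirmed as affected
AFFECTED_MAX = "2.3.0.014"   # highest version the researchers confirmed as affected
FIXED = "3.4.1.105"          # firmware update named in the article

def parse_version(text):
    """Turn '2.3.0.014' into (2, 3, 0, 14) so fields compare numerically."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected firmware version format: {text!r}")
    return tuple(int(p) for p in parts)

def classify(version):
    """Return 'affected', 'at_or_above_fix', 'unconfirmed' or 'unparseable'."""
    try:
        v = parse_version(version)
    except ValueError:
        return "unparseable"   # flag for manual review, never assume safe
    if parse_version(AFFECTED_MIN) <= v <= parse_version(AFFECTED_MAX):
        return "affected"
    if v >= parse_version(FIXED):
        return "at_or_above_fix"   # assumption: later releases keep the fix
    # Outside the confirmed range but below the fix: the article makes no claim.
    return "unconfirmed"

# Constructed inventory (hypothetical device names and reported versions).
INVENTORY = [
    ("lacie-fuel-01", "2.2.0.005"),
    ("wireless-plus-02", "2.3.0.014"),
    ("wireless-plus-03", "2.3.0.2"),    # unpadded field; a string compare would misplace it
    ("wireless-04", "3.4.1.105"),
    ("wireless-05", "2.3.0.015"),       # just past the confirmed range
    ("wireless-06", "n/a"),
]

def triage(inventory):
    """Map each device name to its classification."""
    return {name: classify(fw) for name, fw in inventory}

if __name__ == "__main__":
    for name, status in triage(INVENTORY).items():
        print(f"{name:18} {status}")
```

Devices reported as "unconfirmed" or "unparseable" should be updated or checked by hand rather than treated as safe.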
 