Irresponsible Chinese DVR Vendor Still the Target of IoT Botnets One Year Later

Discussion in 'News Archive' started by Solarquest, Apr 8, 2017.

  1. Solarquest

    Solarquest Moderator
    Staff Member AV Tester

    Jul 22, 2014
    #1 Solarquest, Apr 8, 2017
    Last edited by a moderator: Apr 9, 2017
    A Chinese company that manufactures white-labeled DVRs still hasn't patched a security flaw that's been targeted by IoT botnets for over a year.

    This particular vulnerability is a severe RCE (Remote Code Execution) bug that allows an attacker to take over a DVR via a simple request.

    Security flaw discovered in March 2016 remained unfixed
    The flaw came to light last year, after a report from security researcher Rotem Kerner. His investigation discovered that this flaw was present in the firmware of DVRs manufactured by Chinese company TVT.

    Unfortunately, this wasn't any DVR manufacturer, but a seller of white-label products, meaning other vendors purchased the DVRs from TVT, slapped their logo on top, and sold them to their own customers as separate products. In total, Kerner tracked the sloppy-coded DVR firmware to 70 other DVR vendors.

    Despite numerous contact attempts, Kerner was unable to get in contact with the company, meaning the vulnerability remained unpatched.

    TVT flaw became a favorite target for IoT botnet herders
    DardiM likes this.
  2. Amelith Nargothrond

    Mar 22, 2017
    Windows 10
    Security updates come at a price. Chinese brands (not all) are known to have a poor software/customer support. Can't really say i'm surprised by this...
    DardiM likes this.