Multiple Vulnerabilities In Telepresence Robots Patched
Researchers from Zingbox have discovered multiple security vulnerabilities in Telepresence Robots. Precisely, they found at least five different bugs in these robots that posed a severe security threat to the users. Exploitation of this bug could allow an attacker to get complete control of the device and access users’ photos.
As disclosed in their press release, Zingbox found a suite of five security vulnerabilities that could trigger hacking attacks together. This includes different flaws ranging from unsecured credentials to unauthenticated remote access. The researchers have given the details of these bugs in a separate vulnerability report.
According to Daniel Regalado, Zingbox security researcher, they assessed the VGo Celia robot – a popular “most widely known” robot – for the flaws. The vulnerabilities discovered include Insufficiently Protected Credentials – Wi-Fi, XMPP (CVE-2018-8858), Cleartext Transmission of Sensitive Information in the firmware (CVE-2018-8860), Improper Neutralization of Special Elements – RCE (CVE-2018-8866), Improper Access Control (USB) (CVE-2018-17931), and Improper Authorization (XMPP Client) (CVE-2018-17933)….Read More…