New exploit lets attackers take control of Windows IoT Core devices

Windows IoT
Image: Microsoft // Composition: ZDNet

Speaking at a conference today, a security researcher has revealed a new exploit impacting the Windows IoT Core operating system that gives threat actors full control over vulnerable devices.

The vulnerability, discovered by Dor Azouri, a security researcher for SafeBreach, impacts the Sirep/WPCon communications protocol included with Windows IoT operating system.

Azouri said the vulnerability only impacts Windows IoT Core, the Windows IoT OS version for devices meant to run one single application, such as smart devices, control boards, hobbyist devices, and others.

The vulnerability does not impact Windows IoT Enterprise, the more advanced version of the Windows IoT operating system, the one that comes with support for a desktop functionality, and the one most likely to be found deployed in industrial robots, production lines, and other industrial environments.

The researcher said the security issue he discovered allows an attacker to run commands with SYSTEM privileges on Windows IoT Core devices.

“This exploit works on cable-connected Windows IoT Core devices, running Microsoft’s official stock image,” Azouri said in a research paper shared with ZDNet.

“The method described in this paper exploits the Sirep Test Service that’s built-in and running on the official images offered at Microsoft’s site,” the researcher said. “This service is the client part of the HLK setup one may build in order to perform driver/hardware tests on IoT devices. It serves the Sirep/WPCon protocol.”

Using the vulnerability in this testing service he discovered, the SafeBreach researcher said he was able to expose a remote command interface that attackers can weaponize to take control over smart devices running Microsoft’s Windows IoT Core OS.

During his tests, Azouri built such a tool, a remote access trojan (RAT) that he named SirepRAT, which he plans to open-source on GitHub.

The upside to Azouri’s SirepRAT is that it doesn’t work wirelessly, as the testing interface is only available via an Ethernet connection. This implies that the attacker needs to be physically present near a target, or compromise another device on a company’s internal network and use as a relay point for attacks on vulnerable devices.

ZDNet has reached out for comment to Microsoft, but we did not receive a response before this article’s publication.

Azouri has presented his research today at the WOPR Summit security conference in Atlantic City, NJ, USA. We’ll update this article in the coming days to include links to the SirepRAT GitHub repo and Azouri’s whitepaper.

The Windows IoT operating system is a free successor of the Windows Embedded project. According to SafeBreach, the OS has the second largest market share in the IoT devices market, with a 22.9 percent stake, behind Linux, which has a 71.8 percent market share.

Related cybersecurity news coverage:

New exploit lets attackers take control of Windows IoT Core devices 1
About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews



bitcoin
Bitcoin (BTC) $ 43,445.00
ethereum
Ethereum (ETH) $ 3,060.77
cardano
Cardano (ADA) $ 2.20
tether
Tether (USDT) $ 1.01
binance-coin
Binance Coin (BNB) $ 346.75
xrp
XRP (XRP) $ 0.949578
solana
Solana (SOL) $ 145.28
usd-coin
USD Coin (USDC) $ 1.00
polkadot
Polkadot (DOT) $ 28.67
dogecoin
Dogecoin (DOGE) $ 0.204911
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 43,445.00
ethereumEthereum (ETH)
$ 3,060.77
tetherTether (USDT)
$ 1.01
bitcoin-cashBitcoin Cash (BCH)
$ 501.34
litecoinLitecoin (LTC)
$ 150.79
bitcoinBitcoin (BTC)
37.068,79
ethereumEthereum (ETH)
2.611,56
tetherTether (USDT)
0,861767
bitcoin-cashBitcoin Cash (BCH)
427,76
litecoinLitecoin (LTC)
128,66
bitcoinBitcoin (BTC)
31,746.43
ethereumEthereum (ETH)
2,236.59
tetherTether (USDT)
0.738034
bitcoin-cashBitcoin Cash (BCH)
366.34
litecoinLitecoin (LTC)
110.19

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Crypto Scams
Crypto Scams Still Persistent In 2021, SEC Warns About Red Flags To Watch
September 9, 2021
Poly Network
Here’s How Hackers Stole Over $600 million in the Poly Network Attack
August 12, 2021
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021
What Role Do Cryptocurrencies Play In The Era Of Ransomware Attacks?
June 9, 2021

Blockchain/Cryptocurrency Questions and Answers

Beginner’s Guide to Investing in Cryptocurrency
August 9, 2021
Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021
Solana
What Is Solana (SOL) And How Does It Work?
June 26, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin43,389 0.31 % 0.12 % 8.41 %
Ethereum3,048.1 0.42 % 0.17 % 8.63 %
Cardano2.190 0.11 % 3.44 % 4.34 %
Tether0.9986 0.03 % 0.08 % 0.23 %
Binance Coin345.44 0.07 % 1.00 % 15.72 %
XRP0.9456 0.06 % 0.11 % 9.85 %
Solana143.87 0.94 % 3.70 % 6.17 %
USD Coin1.000 0.00 % 0.07 % 0.14 %
Polkadot30.87 2.19 % 17.29 % 10.73 %
Dogecoin0.2037 0.41 % 1.61 % 13.13 %

bitcoin
Bitcoin (BTC) $ 43,445.00
ethereum
Ethereum (ETH) $ 3,060.77
cardano
Cardano (ADA) $ 2.20
tether
Tether (USDT) $ 1.01
binance-coin
Binance Coin (BNB) $ 346.75
xrp
XRP (XRP) $ 0.949578
solana
Solana (SOL) $ 145.28
usd-coin
USD Coin (USDC) $ 1.00
polkadot
Polkadot (DOT) $ 28.67
dogecoin
Dogecoin (DOGE) $ 0.204911