- May 23, 2017
- 29
- 19
Blog link:
Devil's Ivy: Flaw in Widely Used Third-party Code Impacts Millions
This exploit exposes all ONVIF devices which use the popular gSOAP library. Axis who were initially informed of exploit, went active with notifications and firmware patches. Affected vendors should follow suit with firmware patches ASAP.
Valuable advice from the blog post:
RECOMMENDATIONS
1. Keep physical security devices off of the public internet. As of July 1st, a search of Shodan indicated over 14,700 Axis dome cameras publicly accessible to anyone in the world. All the cameras that are vulnerable to Devil’s Ivy are potentially exploitable. Devices like security cameras should be connected to a private network, which will make exploitation much more difficult.
2. Defend IoT devices as much as possible. If you can place a firewall or other defensive mechanism in front of an IoT device, or utilize Network Address Translation (NAT), you can reduce their exposure and improve the likelihood of detecting threats against them.
3. Patch. Patching IoT devices is not always possible, even when the underlying OS is something familiar, like Windows XP. When a manufacturer does release a patch, make sure you update your devices as soon as possible. If this is not within your control, place other layers of security between your vulnerable device and the external internet.
Devil's Ivy: Flaw in Widely Used Third-party Code Impacts Millions
This exploit exposes all ONVIF devices which use the popular gSOAP library. Axis who were initially informed of exploit, went active with notifications and firmware patches. Affected vendors should follow suit with firmware patches ASAP.
Valuable advice from the blog post:
RECOMMENDATIONS
1. Keep physical security devices off of the public internet. As of July 1st, a search of Shodan indicated over 14,700 Axis dome cameras publicly accessible to anyone in the world. All the cameras that are vulnerable to Devil’s Ivy are potentially exploitable. Devices like security cameras should be connected to a private network, which will make exploitation much more difficult.
2. Defend IoT devices as much as possible. If you can place a firewall or other defensive mechanism in front of an IoT device, or utilize Network Address Translation (NAT), you can reduce their exposure and improve the likelihood of detecting threats against them.
3. Patch. Patching IoT devices is not always possible, even when the underlying OS is something familiar, like Windows XP. When a manufacturer does release a patch, make sure you update your devices as soon as possible. If this is not within your control, place other layers of security between your vulnerable device and the external internet.