Amazon Echo Show 5 Security Flaw Gives Hacking Contest Victory

0
480
Amazon Echo Show 5 Security Flaw Gives Hacking Contest Victory

The well-known contest of hacking Pwn2Own was this year won by security analysts Amat Cama and Richard Zhu. They were given this title after they discovered a security hole in the Amazon Echo Show 5 smart screen.

With this victory, these two analysts received a cash prize of $ 60,000 (€ 54,400). Often it is the brands themselves sponsoring these awards to try to prove the immunity of their products to malicious attacks.

Hackers at Echo Show 5
Amat Cama on the left and Richard Zhu on the right

Amazon Echo Show 5 security hole relates to Chromium

During the contest, Amat Cama and Richard Zhu found it possible to breach the security of Amazon Echo Show 5 through an outdated version of Chromium. By exploiting this vulnerability, they could gain full control of their device when connected to a malicious Wi-Fi network.

Simply put, the method used uses a mathematical process that attempts to create a number that does not fit in the machine's memory. This causes the number to "jump out" of allocated memory, resulting in a security breach.

The authors of this hacking mention that this flaw was a constant in the contest when we talk about IoT devices. A warning to be heard by both users and responsible companies.

Amazon has already mentioned being aware of this problem

After this discovery, Amazon has made it publicly known to be aware of this vulnerability. The company is already investigating the problem and will take the necessary steps to protect its equipment.

However, Amazon does not say when it will correct this security hole. Hopefully, this fix will be released as soon as possible for the safety of all its users.

EBox editors recommend:



IPVanish Best VPN For IPTV & Kodi 2019! Stop Letting Your Internet Service Provider Track & Record Your Online Activity. Find Out More Get a License





You may also like

Did you miss this?

LEAVE A REPLY

Please enter your comment!
Please enter your name here