The well-known contest of hacking Pwn2Own was this year won by security analysts Amat Cama and Richard Zhu. They were given this title after they discovered a security hole in the Amazon Echo Show 5 smart screen.
With this victory, these two analysts received a cash prize of $ 60,000 (€ 54,400). Often it is the brands themselves sponsoring these awards to try to prove the immunity of their products to malicious attacks.
Amazon Echo Show 5 security hole relates to Chromium
During the contest, Amat Cama and Richard Zhu found it possible to breach the security of Amazon Echo Show 5 through an outdated version of Chromium. By exploiting this vulnerability, they could gain full control of their device when connected to a malicious Wi-Fi network.
Simply put, the method used uses a mathematical process that attempts to create a number that does not fit in the machine's memory. This causes the number to "jump out" of allocated memory, resulting in a security breach.
The authors of this hacking mention that this flaw was a constant in the contest when we talk about IoT devices. A warning to be heard by both users and responsible companies.
Amazon has already mentioned being aware of this problem
After this discovery, Amazon has made it publicly known to be aware of this vulnerability. The company is already investigating the problem and will take the necessary steps to protect its equipment.
However, Amazon does not say when it will correct this security hole. Hopefully, this fix will be released as soon as possible for the safety of all its users.
EBox editors recommend:
You may also like
Did you miss this?