In today’s interconnected world, physical security products such as CCTV cameras, door controllers, and fire alarms are an integral part of our security infrastructure. Ensuring the firmware running these devices is secure from threats is crucial. To aid in this endeavor, we’re employing EMBA, an open-source Embedded Analyzer, to perform static firmware vulnerability analysis.
Unpacking Static Vulnerability Analysis
Static vulnerability analysis involves inspecting code without actually executing it. This approach is particularly effective for detecting potential security vulnerabilities in a non-intrusive way. It can be conducted directly on source code, binary files, or firmware images.
Our static analysis primarily focuses on two techniques:
- Pattern Matching: In this technique, we search for known code patterns associated with vulnerabilities. Although it is fast, it is limited to identifying vulnerabilities that are already known.
- Checking CVEs of Used Libraries: This involves examining the Common Vulnerabilities and Exposures (CVEs) related to the libraries used in the firmware. This technique is critical for uncovering supply chain vulnerabilities introduced through third-party components.
Combined, these two techniques give a robust method for identifying potential vulnerabilities in firmware.
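To make the two techniques concrete, here is a small added example in Python; it is not from the original post and it is not EMBA's code. It extracts version banners from a constructed firmware blob with regular expressions (pattern matching), flags one risky artefact, and checks the versions it finds against a constructed advisory table (CVE lookup). The banner regexes, the fix versions, the sample bytes and the "CVE-0000-000x (placeholder)" identifiers are all assumptions made for illustration, not real advisories or EMBA rules.

```python
"""Added example (not part of the original post, and not EMBA's own code):
a minimal, self-contained sketch of the two static-analysis techniques
described above, run over a constructed firmware blob. Patterns,
advisories and sample bytes are all assumptions made for illustration."""
import re
from dataclasses import dataclass

# Constructed sample: stands in for the printable strings of an unpacked
# firmware image (an ELF-like header followed by version banners and a
# passwd line with a placeholder hash). Not a real device image.
SAMPLE_FIRMWARE = (
    b"\x7fELF\x01\x01\x01\x00" + b"\x00" * 8
    + b"OpenSSL 1.0.1e 11 Feb 2013\x00"
    + b"BusyBox v1.20.2 (2013-01-15 10:12:45 UTC) multi-call binary.\x00"
    + b"lighttpd/1.4.31\x00"
    + b"root:$1$placeholder$saltedhash:0:0:root:/root:/bin/sh\n"
)

# Technique 1: pattern matching. Version banners of common embedded
# components (illustrative regexes, not EMBA's rule set).
VERSION_PATTERNS = {
    "openssl": re.compile(rb"OpenSSL (\d+\.\d+\.\d+[a-z]?)"),
    "busybox": re.compile(rb"BusyBox v(\d+\.\d+\.\d+)"),
    "lighttpd": re.compile(rb"lighttpd/(\d+\.\d+\.\d+)"),
}
# Pattern matching also covers risky artefacts that are not a library at all,
# e.g. a hashed credential shipped in /etc/passwd. Fast, but it only finds
# what a rule already describes.
RISK_PATTERNS = {
    "hardcoded-root-hash": re.compile(rb"root:\$[0-9a-z]+\$[^:]*:"),
}

# Technique 2: CVE lookup for the components found. Constructed advisory
# table; the identifiers are placeholders, not real CVE numbers.
@dataclass(frozen=True)
class Advisory:
    cve: str
    component: str
    fixed: str       # first version that is no longer affected
    severity: str    # High / Medium / Low, as in the results table

ADVISORIES = [
    Advisory("CVE-0000-0001 (placeholder)", "openssl", "1.0.1g", "High"),
    Advisory("CVE-0000-0002 (placeholder)", "busybox", "1.21.0", "Medium"),
    Advisory("CVE-0000-0003 (placeholder)", "lighttpd", "1.4.30", "Low"),
]

def parse_version(v: str) -> tuple:
    """'1.0.1e' -> (1, 0, 1, 'e'). Numeric fields compare as integers;
    an OpenSSL-style letter suffix sorts after the bare release."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)([a-z]?)", v)
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    return (int(m[1]), int(m[2]), int(m[3]), m[4])

def find_components(blob: bytes) -> dict:
    """Map component name -> version string for every banner that matches."""
    found = {}
    for name, pat in VERSION_PATTERNS.items():
        m = pat.search(blob)
        if m:
            found[name] = m.group(1).decode()
    return found

def find_risky_patterns(blob: bytes) -> list:
    """Names of the risk rules that fire on the blob, sorted for stable output."""
    return sorted(name for name, pat in RISK_PATTERNS.items() if pat.search(blob))

def match_advisories(components: dict, advisories=ADVISORIES) -> list:
    """A component is affected when its version is older than the fix."""
    return [adv for adv in advisories
            if adv.component in components
            and parse_version(components[adv.component]) < parse_version(adv.fixed)]

def summarize(hits: list) -> dict:
    """Count matched advisories per severity, like the High/Medium/Low columns."""
    counts = {"High": 0, "Medium": 0, "Low": 0}
    for adv in hits:
        counts[adv.severity] += 1
    return counts

def analyze(blob: bytes = SAMPLE_FIRMWARE) -> dict:
    components = find_components(blob)
    hits = match_advisories(components)
    return {
        "components": components,
        "cves": [adv.cve for adv in hits],
        "counts": summarize(hits),
        "risks": find_risky_patterns(blob),
    }

if __name__ == "__main__":
    for key, value in analyze().items():
        print(f"{key}: {value}")
```

On the sample blob this reports one High and one Medium finding and leaves the lighttpd banner unflagged, because 1.4.31 is not older than the assumed fix version. The limitation of pattern matching shows up directly: a component whose banner has been stripped or reworded never reaches the CVE lookup at all, which is why a firmware analyzer also has to inspect the file system and the binaries themselves rather than rely on strings alone.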
Our Open-Source Initiative with EMBA
EMBA shines in its ability to analyze the Linux-based firmware of physical security devices. It scrutinizes file systems, analyzes binaries, and checks for known vulnerabilities tied to the libraries the firmware uses, effectively exposing potential supply chain vulnerabilities.
We’ve gone a step further by making our findings transparent and accessible. We’ve created a comprehensive table listing the results of our static firmware analysis of common physical security products. This includes crucial details such as filenames, vendors, device types, the number of CVE entries found at each severity (High, Medium, Low), the number of shell script issues, and cryptographic checksums (MD5, SHA256) of the analyzed files.
The goal of this initiative is not just about assessing firmware for vulnerabilities, but also about providing a resource for the broader security community. By sharing our findings, we aim to raise awareness of potential firmware vulnerabilities and contribute to a more secure ecosystem for physical security products.
In conclusion, static firmware vulnerability analysis is an invaluable tool in the quest for enhanced security. Through the use of EMBA and open-source collaboration, we hope to contribute positively to the global community’s security efforts.
Filename | Vendor | Type | Report | High CVE Entries | Medium CVE Entries | Low CVE Entries | Shell Script Issues | MD5 | SHA256 | Notes |
---|---|---|---|---|---|---|---|---|---|---|
P3375-LV_9_80_34.bin | Axis | Camera | Click Here | 339 | 640 | 37 | 1658 | 0f0bb5d94b2ed9a745619c7538a6c1fe | 193549285fa8b0e7c40dbdfbcdb285d4f25c9aae042b79b1b86d50e566afddcd | |
v1.0b14d_2019-05-07.zip => fw140.tar.gz | EasyIO | Controller | Click Here | 371 | 559 | 42 | 982 | 48f5fa6ec85c3d5b37080f55b9136691 | 06ca90701b161942a68e2b8b0978b4c79571ea34b6a54dc2f8d319e9d33562a8 | |
wco_cam_4.48.4.418.zip => WCO_CAMERA_V2_4.48.4.418.bin | Wyze | Camera | Click Here | 504 | 897 | 75 | 15 | 7874581b319aa392a1f302095c8a64e5 | d4a028f04efb5c8fb83dcae374346d3434c1fe0db823aadf7e9aec86e42071bb | |
KT-400-v3.01.16.zip => K5DE301P.kce | Kantech | Controller | Click Here | 328 | 471 | 33 | 20 | c111d734ed593bfbbb578669cbef7aba | c99d730e0208496e4180120b739a430c9a9d41ed1ac25390b6fab97e252382de | |
A1610_10_12_172_1.bin | Axis | Controller | Click Here | 225 | 271 | 16 | 1109 | 046299484fe938dd04081ec706024406 | 86af7e4af66dcee093b0cafbd8ca3a3bb8b8a43c713d10955ab30a53dcaae35e | |
V2Webcam.zip => demo.bin | Wyze | Camera | Click Here | 538 | 965 | 79 | 31 | 6fab3279072d057c7f31a09356c42539 | 5a7a107671d081840af04af0865bac494e73f2fe5b03a4e083b9e2e7e4b107ba | |
DUMP.tar | Dlink | Camera | Click Here | 585 | 912 | 78 | 807 | 32cb48099294ea0b7396cad5d1ef84c8 | 6074b47152310d867b084c7f7b4a128621bc101908e6888ed918619a6fe22f5d | |
A1610_11_6_16_1.bin | Axis | Controller | Click Here | 208 | 268 | 18 | 1102 | 17fd08f554fd94d724622668ec306ceb | 41fa3d5e276f41eb28c8014559b6f227a10fddb761609a7c0ff870b46ad3c437 | |
Thanks for sharing