Windows 10 IoT Core Machines Vulnerable To Crippling Remote Hijacking Trojan

windows 10 iot core
If you're running a version of Windows IoT Core, you'll want to pay attention to the latest vulnerability discovered by Dor Azouri, a researcher for SafeBreach. The risk of leaving the bug unpatched is great, but fortunately, most of the Windows ecosystem is safe. Even the IoT Enterprise version is safe from this bug; only those using the free IoT Core on their DIY devices (eg: Raspberry Pi) will need to take action.

The issue lays with IoT Core's Sirep Test service, which allows users to perform tests on given hardware. The researcher discovered that this service could be used to reveal a remote command line interface which could be used to exploit the system. Once compromised, an attacker would have full control over the target system.

Windows IoT Core

The researcher went one step further with this information and released a tool on GitHub called SirepRAT, which ultimately seems easy to use as long as you know the IP address of the IoT Core device in question. Simple examples given include running an arbitrary application and uploading/downloading files. 

There are a couple of caveats with this flaw that might save you even if you are running a Windows IoT Core device. For starters, this only impacts those devices running a wired connection. Wireless devices are safe, which likely represents the biggest number of IoT implementations out there. As mentioned before, IoT Enterprise is also unaffected by this bug, which is great for Microsoft and those customers. For IoT Core users, you'll have to wait for Microsoft to chime in about a fix. 

Show comments blog comments powered by Disqus