Analecta Cyber Company Blog: Serious flaw exposes 6.1 million mobile devices to remote code execution

2015-12-23

Serious flaw exposes 6.1 million mobile devices to remote code execution

More and more hackers nowadays are capable of finding flaws in systems to take advantage of and gain access to something valuable. To fight back, companies are exerting more efforts to mitigate such attacks from even happening. Or so the companies say.



Security researchers at Trend Micro have exposed a three-year-old security vulnerability within a software component that had remained unpatched since 2012. The vulnerability was present in over 6.1 million smart devices including smart TVs, routers, smartphones and other products made by Internet of Things.

The vulnerability is called Remote Code Execution (RCE). And the researchers discovered a collection of these in the Portable SDK for UPnP, or libupnp component. The libupnp is a software library devices use to stream media files over a network.

Though researchers verified that these vulnerabilities were actually patched three years ago, many applications still used the outdated versions of the library. This allowed remote code execution hacker attacks. The researchers added that in their investigations they found 547 apps that used older versions of libupnp. And 326 of those were currently available in the Google Play store.

Popular apps hit


QQMusic is one of the biggest apps that used the outdated version of the library, so so far the apps developers had not taken steps to address the security flaw. In China alone, over 100 million people were using QQMusic. It also has been downloaded by millions of Android users from the Google Play store.

Other popular applications affected by security issues include AirSmartPlayer, Big2Small, CameraAccess plus, G-MScreen, HexLink Remote (TV client), HexLink-SmartTV remote control, Hisense Android TV Remote, nScreen Mirroring for Samsung, Ooredoo TV Oman, PictPrint – WiFi Print App –, qa.MozaicGO.Android, QQMusic, Smart TV Remote and Wifi Entertainment.

Security researchers are continuing their efforts to find more vulnerable apps, so users are advised to either remove an app if it’s included on the list or check for an updated version.