Amazon earlier this April addressed a critical vulnerability in its Kindle e-book reader platform that could have been exploited to take full control of a user's device, resulting in the theft of sensitive information simply by delivering a malicious e-book.
"By sending Kindle users a single malicious e-book, a threat actor could have stolen any information stored on the device, from Amazon account credentials to billing information," Yaniv Balmas, head of cyber research at Check Point, said in an emailed statement. "The security vulnerabilities allow an attacker to target a very specific audience."
In other words, if a threat actor wanted to single out a specific group of people or demographic, the adversary could choose a popular e-book in a language or dialect widely spoken among that group in order to tailor and orchestrate a highly targeted cyber attack.
Following responsible disclosure of the issue to Amazon in February 2021, the retail and entertainment giant issued a fix as part of version 5.13.5 of the Kindle firmware in April 2021.
Attacks exploiting the flaw begin by sending a malicious e-book to an intended victim who, upon opening the book, triggers the infection sequence without any further interaction, allowing the bad actor to delete the user's library, gain full access to the Amazon account, or turn the Kindle into a bot for attacking other devices on the victim's local network.
Image caption: Heap overflow vulnerability in the JBIG2Globals decoding algorithm
The issue resides in the firmware's e-book parsing framework, specifically in the implementation responsible for opening PDF documents, permitting an attacker to execute a malicious payload on the device.
This is made possible by a heap overflow vulnerability in the PDF rendering function (CVE-2021-30354), which can be leveraged to obtain an arbitrary write primitive, and a local privilege escalation flaw in the Kindle application manager service (CVE-2021-30355). Chaining the two flaws lets the threat actor run malware-laced code as the root user.
Earlier this January, Amazon fixed similar weaknesses — collectively named "KindleDrip" — that could have allowed an attacker to take control of victims' devices by delivering a malicious e-book to the targets and make unauthorized purchases.
"Kindle, like other IoT devices, are often thought of as innocuous and disregarded as security risks," Balmas said. "These IoT devices are vulnerable to the same attacks as computers. Everyone should be aware of the cyber risks in using anything connected to the computer, especially something as ubiquitous as Amazon's Kindle."