One of WatchGuard’s partners, Trend Micro, found that many devices are still using an older version of a common Universal Plug-n-Play (UPnP) library that suffers from a very serious vulnerability. This new research is very similar HD Moore’s UPnP disclosures a few years ago; the difference being Trend Micro specifically found the issue affecting many Internet of Things (IoT) devices and mobile apps. Watch my vlog below to learn more about it.
(Episode Runtime: 3:32)
Direct YouTube Link: https://www.youtube.com/watch?v=gjmTGyiyBS0
EPISODE REFERENCES:
- Trend Micro’s blog post on the UPnP vulnerability threatening many IoT devices – Trend Micro
- An article covering this new Iot/UPnP threat – ZDNet
- My old blog post on similar research from HD Moore – WatchGuard Blog
- Rapid 7’s research paper on HD Moore’s UPnP discoveries [PDF] – Rapid 7
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply