OEM Finder: Hunting Vulnerable OEM IoT Devices at Scale
Asuka Nakajima at Black Hat Europe 2019
Using this tool, we found more than 180 unique vulnerable OEM device candidates from over 50,000 IoT device images, which we had collected from EC websites. Furthermore, we analyzed the latest firmware image of some of these OEM device candidates, which are distributed by the OEM vendor (not OEM suppliers), and confirmed that the devices detected by the tool are indeed an OEM device. Moreover, we also found that the OEM firmware images are still vulnerable.
Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefings/schedule/#oem-finder-hunting-vulnerable-oem-iot-devices-at-scale-17982
Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefings/schedule/#oem-finder-hunting-vulnerable-oem-iot-devices-at-scale-17982