IOActive Finds Critical Security Vulnerabilities in Segway/Ninebot MiniPRO Hoverboard

SEATTLE, July 19, 2017 /PRNewswire/ -- IOActive, Inc., a global security consulting firm and the worldwide leader in research-driven security services, today released new research exposing security vulnerabilities found in the Segway/Ninebot MiniPRO Hoverboard. IOActive researchers evaluated the flaws and rated them critical risk, leaving the hoverboards vulnerable to attack. If exploited, an attacker could bypass safety systems and remotely take control of the device, including changing settings, pace, or direction, or even disabling the motor and bringing the hoverboard to an abrupt and unexpected stop while a rider is in motion.

The research was conducted by IOActive Embedded Devices Security Consultant Thomas Kilbride and is documented in a Security Advisory available on the IOActive website here: https://www.ioactive.com/pdfs/IOActive-Security-Advisory-Ninebot-Segway-miniPRO_Final.pdf

"FTC regulations do require scooters to meet certain mechanical and electrical specifications to help avoid battery fires and various mechanical failures," said Kilbride. "However, there are currently no regulations centered on firmware integrity and validation, despite being integral to the safety of the system. As my research indicates, this lack of regulation could lead to a number of dangerous situations."

During the past eight months, Kilbride tested mobile applications, firmware images, and other software in order to identify the flaws. He found that once a vulnerability had been exploited, he could essentially gain full control of the scooter. Kilbride was able to perform a firmware update of the scooter's control system without authentication and to modify the controller firmware to remove rider detection. Additionally, he determined that an attacker could make a hoverboard stop suddenly, creating the risk of serious injury.
"Using reverse engineering and protocol analysis, I was able to discover a number of worrisome security threats," continued Kilbride. "For example, I determined that riders in the area were indexed using their smart phone's GPS. Therefore, each rider's location was publicly available, so the hoverboards could be found, tracked, hijacked, and controlled without the rider's knowledge."

The advisory also discusses the steps manufacturers should take to mitigate the risks presented by the identified vulnerabilities, including firmware integrity checking, encryption, PIN authentication, and more. IOActive disclosed the vulnerabilities to Segway/Ninebot, and the company subsequently released a new version that addresses some of the issues identified and informed IOActive of the fixes.

The research will be included in a presentation Kilbride will give at IOActive's IOAsis event next week during Black Hat USA 2017 in Las Vegas. His session takes place on Wednesday, July 26 from 1:50 p.m. - 2:40 p.m. PT in the Palm B Room at Mandalay Bay. IOActive's research team has also put together a short video demonstrating the Segway research here: https://www.youtube.com/watch?v=lq3EPiG5guk&feature=youtu.be

View original content: http://www.prnewswire.com/news-releases/ioactive-finds-critical-security-vulnerabilities-in-segwayninebot-minipro-hoverboard-300490633.html

SOURCE IOActive, Inc.
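The unauthenticated firmware update and the firmware integrity checking the advisory recommends are the heart of this finding. As an added illustration, not code from IOActive's advisory or from Ninebot, the Python below shows the gate a controller's update path should put in front of flash: parse an image header, verify an integrity tag over header and payload with a constant-time compare, and refuse version rollback, so that a modified image (for example one with rider detection patched out) or a replayed old image is rejected before anything is written. The image layout, field names, and VENDOR_KEY are assumptions for this example; the HMAC stands in for the asymmetric signature a real bootloader would verify against a public key burned into the device, and is used only because it is available in the standard library.

```python
"""Verify-before-flash check for a firmware image (illustrative, not a vendor format).

Hypothetical image layout assumed for this example:
  magic(4) | version(4, big-endian) | payload_len(4, big-endian) | tag(32) | payload
The tag covers magic, version, payload_len and the payload, so a change to any of
them (including the version field) invalidates it.
"""
import hashlib
import hmac
import struct
from typing import Tuple

MAGIC = b"FWIM"
HEADER_FMT = ">4sII32s"
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 44 bytes
SIGNED_PREFIX_LEN = 12                    # magic + version + payload_len

# Stand-in for the vendor's signing key. On a real device the bootloader holds a
# public key and verifies an asymmetric signature; HMAC-SHA256 is used here only
# because it needs nothing outside the standard library. Constructed value.
VENDOR_KEY = b"example-vendor-key-not-a-real-secret"


def build_image(version: int, payload: bytes, key: bytes = VENDOR_KEY) -> bytes:
    """Produce an image the way a vendor release tool would (the signing side)."""
    prefix = struct.pack(">4sII", MAGIC, version, len(payload))
    tag = hmac.new(key, prefix + payload, hashlib.sha256).digest()
    return prefix + tag + payload


def verify_image(image: bytes, installed_version: int,
                 key: bytes = VENDOR_KEY) -> Tuple[bool, str]:
    """Return (accept, reason). Any failure rejects the image before flash is touched."""
    if len(image) < HEADER_LEN:
        return False, "truncated header"
    magic, version, payload_len, tag = struct.unpack(HEADER_FMT, image[:HEADER_LEN])
    if magic != MAGIC:
        return False, "bad magic"
    payload = image[HEADER_LEN:]
    if len(payload) != payload_len:
        return False, "length mismatch"
    # Recompute the tag over exactly the bytes the vendor tool covered and compare in
    # constant time, so the check cannot be bypassed by a crafted header or timing.
    expected = hmac.new(key, image[:SIGNED_PREFIX_LEN] + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False, "integrity check failed"
    # Anti-rollback: a genuinely signed but older image (with known bugs) must not be
    # reinstallable by whoever can reach the update interface.
    if version <= installed_version:
        return False, "version rollback"
    return True, "ok"


def apply_update(image: bytes, installed_version: int) -> Tuple[bool, str]:
    """Update entry point: only a verified image reaches the (simulated) flash write."""
    accepted, reason = verify_image(image, installed_version)
    if accepted:
        pass  # here the device would erase and program the controller flash
    return accepted, reason


if __name__ == "__main__":
    # Constructed sample payload standing in for controller configuration/code.
    genuine = build_image(2, b"RIDER_DETECT=1;MAX_SPEED=10")
    print(apply_update(genuine, 1))
    # An attacker who can reach the update path patches rider detection out of the
    # payload; without the tag check this would be flashed as-is.
    patched = bytearray(genuine)
    patched[HEADER_LEN + len(b"RIDER_DETECT=")] = ord("0")
    print(apply_update(bytes(patched), 1))
```

The rollback check matters as much as the tag: once a vendor ships a fix, an old image is still validly signed, and an update interface that accepts any signed image lets an attacker downgrade the controller back to the vulnerable release.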