CVE-2020-12734

Vulnerability

The DEPSTECH WiFi Digital Microscope 3 (all firmware versions as disclosed in the advisory) contains a critical design flaw: there is no mechanism to reset the device to factory default settings. This allows an attacker who gains network access to modify the device's Wi-Fi SSID and password without any authentication or authorization checks [1]. The affected product is the DEPSTECH WiFi Digital Microscope 3, marketed under variants such as the 'Smart Kid Toy' microscope.

Exploitation

An attacker needs only network connectivity to the microscope (i.e., the attacker must be within Wi-Fi range or have previously joined the device's network). No authentication or user interaction is required. The attacker sends commands to change the SSID and password of the device's Wi-Fi access point. Once changed, the legitimate owner is locked out of the device [1]. The advisory demonstrates that these changes are persistent across power cycles because there is no factory reset capability.

Impact

The attacker gains full control over the device's network configuration. The legitimate owner loses the ability to connect to or operate the microscope. The attacker can then demand a ransom payment to restore access or provide the new credentials. The impact is a denial of service (loss of device functionality) and potential extortion. No sensitive data is disclosed, but the device becomes unusable by the owner [1].

Mitigation

As of the publication date (2021-07-15), no firmware update or patch has been released by DEPSTECH to add a factory reset mechanism [1]. The vendor has not acknowledged the issue or provided a workaround. Users are advised to disable the device's Wi-Fi when not in use, place the device on a separate VLAN with restricted access, or discontinue use until a fix is available. The device is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog.