CVE-2021-21962

Vulnerability

A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34 [1]. The device parses a JSON message published via MQTT to initiate firmware updates. A specially-crafted payload can trigger a heap overflow, leading to memory corruption.

Exploitation

An attacker must perform a man-in-the-middle attack on the MQTT communication between the device and the SeaCloud broker. The attacker intercepts the JSON command containing the "u-download" instruction and replaces it with a malicious payload that causes a heap overflow. No authentication is required beyond network access, but the attack requires the ability to modify network traffic.

Impact

Successful exploitation allows remote code execution on the device. The attacker gains full control of the SeaConnect 370W, compromising confidentiality, integrity, and availability. The CVSSv3 score is 9.0 (Critical) [1].

Mitigation

As of the publication date (2022-02-04), no patch has been publicly released for this vulnerability. Mitigation requires preventing man-in-the-middle attacks by ensuring network integrity, such as using trusted networks, enabling MQTTS properly, and monitoring for anomalous traffic. The device was tested on firmware version v1.3.34; users should check with the vendor for updates.