VYPR
Unrated severity · NVD Advisory · Published Oct 25, 2022 · Updated Apr 15, 2025

CVE-2022-32775

Description

An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to memory corruption. An attacker can make an authenticated HTTP request to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An integer overflow in the Abode iota web interface endpoint /action/ipcamRecordPost leads to memory corruption. Exploitation requires authentication and requires the web server to be enabled.

Vulnerability

An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost functionality of Abode Systems, Inc. iota All-In-One Security Kit versions 6.9X and 6.9Z. The overflow occurs in the function at offset 0x1BC91C of the /root/hpgw binary. The web server must be enabled (disabled by default) for the endpoint to be reachable [1].

Exploitation

An attacker must be authenticated to the device's local web interface. The attacker sends a specially crafted HTTP request to /action/ipcamRecordPost. No user interaction is required. The web server can be enabled via separate vulnerabilities (TALOS-2022-1552/1553) but is not intended for end-user access [1].

Impact

Successful exploitation leads to memory corruption, potentially allowing arbitrary code execution with high privileges. The vulnerability has a CVSSv3 score of 9.0 (Critical) with impacts to confidentiality, integrity, and availability [1].

Mitigation

No patch or fix has been disclosed by the vendor as of the publication date (2022-10-25). Until a fix is available, users should ensure the local web server remains disabled (default configuration) to reduce attack surface [1].

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

References

1
