The STEM Audio Table conference-room speaker has a security vulnerability that would allow unauthenticated remote code execution (RCE) as root – paving the way for eavesdropping on conversations, denial of service, lateral movement throughout enterprise networks and more. And there are multiple additional security issues as well, according to GRIMM researchers, all of which would allow an attacker to interfere with the device.

The STEM Audio Table is a high-end, nine-speaker smart device, shaped like a large puck, that sits on a conference table to enable whole-room conferencing. It can also be used with other devices to, say, enable video calls. It sports a web-based control interface and connects via the internet to download firmware updates.

“Modern business often relies heavily on the Internet and software resources such as Zoom or Skype to support daily operations. Use of such systems often requires additional hardware resources like microphones and cameras,” researchers noted. “What were once mechanical or analog devices are now increasingly being redesigned with embedded processors. This change in direction implies that what seem like ordinary commodity devices are, in fact, reasonably capable computing machines with attack surfaces very similar to traditional PCs.”

RCE Security Bugs

GRIMM said that the RCE bug is a stack-based buffer overflow issue, located in the “local_server_get() and sip_config_get() in stem_firmware_linux_2.0.0.out” function. The…
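The article names the bug class (a stack-based buffer overflow in configuration-getter functions) but does not show the affected code. The following is an added illustration of that class written for this page, not GRIMM's finding or the STEM firmware: a hypothetical key=value config reader with the unchecked copy that produces a stack overflow, beside a bounded version that rejects oversize values. The config format, function names and sample values are all constructed.

```c
#include <stdio.h>
#include <string.h>

/* Fixed size of the stack buffer a value is copied into (hypothetical). */
#define VALUE_MAX 32

/* Constructed sample config; the third value is deliberately longer than
 * VALUE_MAX to show how the two readers differ. Not the device's format. */
static const char SAMPLE_CONFIG[] =
    "sip_server=10.0.0.5\n"
    "sip_port=5060\n"
    "local_server=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n";

/* Locate the value of `key` in a newline-separated key=value config.
 * Returns a pointer to the value and its length via *len, or NULL. */
static const char *find_value(const char *config, const char *key, size_t *len) {
    size_t klen = strlen(key);
    const char *line = config;
    while (*line) {
        const char *nl = strchr(line, '\n');
        size_t llen = nl ? (size_t)(nl - line) : strlen(line);
        if (llen > klen && strncmp(line, key, klen) == 0 && line[klen] == '=') {
            *len = llen - klen - 1;
            return line + klen + 1;
        }
        if (!nl) break;
        line = nl + 1;
    }
    return NULL;
}

/* Vulnerable pattern: the value is copied into a fixed-size stack buffer
 * with no check that it fits. Any value of VALUE_MAX bytes or more
 * overwrites adjacent stack memory. Shown to name the defect only. */
int get_value_unchecked(const char *config, const char *key) {
    char value[VALUE_MAX];
    size_t n;
    const char *v = find_value(config, key, &n);
    if (!v) return -1;
    memcpy(value, v, n);       /* stack overflow when n >= VALUE_MAX */
    value[n] = '\0';
    return (int)strlen(value);
}

/* Hardened version: the caller passes the destination size, and a value
 * that does not fit (including its terminating NUL) is rejected rather
 * than truncated silently or copied past the buffer. */
int get_value_bounded(const char *config, const char *key,
                      char *out, size_t out_len) {
    size_t n;
    const char *v = find_value(config, key, &n);
    if (!v) return -1;         /* key not present */
    if (n >= out_len) return -2; /* too long for the destination: reject */
    memcpy(out, v, n);
    out[n] = '\0';
    return (int)n;
}

/* Convenience wrapper: read `key` into a VALUE_MAX stack buffer the safe
 * way and return the result code (value length, -1 missing, -2 too long). */
int bounded_len(const char *config, const char *key) {
    char buf[VALUE_MAX];
    return get_value_bounded(config, key, buf, sizeof buf);
}

int main(void) {
    const char *keys[] = { "sip_server", "sip_port", "local_server", "missing" };
    for (size_t i = 0; i < sizeof keys / sizeof keys[0]; i++)
        printf("%-13s -> %d\n", keys[i], bounded_len(SAMPLE_CONFIG, keys[i]));
    return 0;
}
```

The bounded reader turns the oversize `local_server` value into an error code the caller must handle, which is the behaviour a firmware reviewer would look for in any function that copies network-supplied configuration into fixed stack storage.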