Amazon earlier this April addressed a critical vulnerability in its Kindle e-book reader platform that could have been potentially exploited to take full control over a user’s device, resulting in the theft of sensitive information by simply deploying a malicious e-book.
“By sending Kindle users a single malicious e-book, a threat actor could have stolen any information stored on the device, from Amazon account credentials to billing information,” Yaniv Balmas, head of cyber research at Check Point, said in an emailed statement. “The security vulnerabilities allow an attacker to target a very specific audience.”
In other words, if a threat actor wanted to single out a specific group of people or demographic, it's possible for the adversary to choose a popular e-book in a language or dialect that's widely spoken among the group to tailor and orchestrate a highly targeted cyber attack.
Attacks exploiting the flaw begin by sending a malicious e-book to an intended victim, who, upon opening the book, triggers the infection sequence without any further interaction, allowing the bad actor to delete the user’s library, gain full access to the Amazon account, or convert the Kindle into a bot for striking other devices in the target’s local network.
Figure: Heap overflow vulnerability in the JBIG2Globals decoding algorithm
The issue resides in the firmware’s e-book parsing framework, specifically in the implementation associated with how PDF documents are opened, permitting an attacker to execute a malicious payload on the device.
This is made possible by a heap overflow vulnerability in the PDF rendering function (CVE-2021-30354), which can be leveraged to gain an arbitrary write primitive, and a local privilege escalation flaw in the Kindle application manager service (CVE-2021-30355) that enables the threat actor to chain the two flaws to run malware-laced code as a root user.
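For defenders who want to know which PDFs in a document collection reach the JBIG2 decoding path named above, the following added example (not code from the article, Check Point or Amazon) inventories image streams that use the JBIG2Decode filter and the JBIG2Globals stream they reference. The function name and the sample bytes are constructed for illustration; the check lists documents that use the feature and does not identify an exploit.

```python
import re

# Constructed sample: a minimal PDF fragment, not a real e-book. Object 5 is an
# image whose filter name is hex-escaped (#44 is "D") and which references a
# separate JBIG2Globals stream (object 6).
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
    b"5 0 obj\n<< /Type /XObject /Subtype /Image /Width 64 /Height 64 "
    b"/Filter /JBIG2#44ecode /DecodeParms << /JBIG2Globals 6 0 R >> /Length 4 >>\n"
    b"stream\n\x00\x01\x02\x03\nendstream\nendobj\n"
    b"6 0 obj\n<< /Length 2 >>\nstream\n\x00\x00\nendstream\nendobj\n"
    b"7 0 obj\n<< /Filter /FlateDecode /Length 1 >>\nstream\nx\nendstream\nendobj\n"
)

OBJ = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj", re.S)
HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
GLOBALS_REF = re.compile(rb"/JBIG2Globals\s+(\d+)\s+(\d+)\s+R")


def find_jbig2_streams(pdf: bytes) -> list:
    """List indirect objects whose stream dictionary uses the JBIG2Decode filter.

    Limitation: objects packed inside compressed object streams (/ObjStm) are
    not visible to a byte-level scan; a full PDF parser is needed for those.
    """
    findings = []
    for m in OBJ.finditer(pdf):
        # Inspect only the dictionary that precedes the "stream" keyword.
        header = m.group(3).split(b"stream", 1)[0]
        # Undo #xx name escapes so /JBIG2#44ecode is seen as /JBIG2Decode.
        header = HEX_ESCAPE.sub(lambda h: bytes([int(h.group(1), 16)]), header)
        if not re.search(rb"/JBIG2Decode\b", header):
            continue
        ref = GLOBALS_REF.search(header)
        findings.append({
            "object": int(m.group(1)),
            "globals_object": int(ref.group(1)) if ref else None,
        })
    return findings


if __name__ == "__main__":
    for finding in find_jbig2_streams(SAMPLE_PDF):
        print(finding)
```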
Earlier this January, Amazon fixed similar weaknesses, collectively named “KindleDrip”, that could have allowed an attacker to take control of victims’ devices by delivering a malicious e-book to the targets and make unauthorized purchases.
“Kindle, like other IoT devices, are often thought of as innocuous and disregarded as security risks,” Balmas said. “These IoT devices are vulnerable to the same attacks as computers. Everyone should be aware of the cyber risks in using anything connected to the computer, especially something as ubiquitous as Amazon’s Kindle.”