Physical Analysis of Damaged IoT Devices – DFRWS EU 2022 Poster
This post extends the poster I've presented to DFRWS EU 2022 in Oxford with additional images of the devices that were burned and analyzed for this experiment.
Enjoy!
[CVE-2018-16222 to 16225] Multiple Vulnerabilities in QBee and iSmartAlarm Products
The preface of the disclosure of CVE-2018-16225 (https://blog.francescoservida.ch/2018/09/16/cve-2018-16225-public-disclosure-qbee-camera-vulnerability/) contained a little lie: I did not findĀ one vulnerability during the research for my master thesis, butĀ four, three of which were still being patched by the vendor/under the 90 days disclosure timeframe given to the vendor. (more…)
[CVE-2018-16225] Public Disclosure – QBee Camera Vulnerability
During the research for my master thesis on IoT forensics: "Internet of Things: Traces, Vulnerabilities and Forensic Challenges" (more about it in the future), I found one vulnerability in the QBee Multisensor Camera (https://qbeecam.com/).
(more…)