Remote Access Tool Enables Code Execution on Windows IoT Core Devices
A new tool released to the public allows remote attackers to run commands on gadgets using Windows 10 IoT Core and gain control over them. The utility takes advantage of an unprotected interface with remote administration capabilities, which serves for testing drivers and hardware on IoT devices.
Windows 10 IoT core is Microsoft’s operating system optimized for building smart devices. It loads on a control board and is suitable for creating applications that control other IoT hardware, such as lights, buttons or motors. It is also compatible with some versions of the Raspberry Pi mini-computer.
Remote code execution is possible on Windows 10 IoT Core devices with the help of SirepRAT, a utility developed by security researcher Dor Azouri. The tool is available to the public and exploits the Sirep test service that uses a communication protocol with the same name. Since it comes with remote administration capabilities, SirepRAT can be used to send commands to the Windows IoT Core target.
The researcher provides the technical details in a whitepaper, where he says the attack is possible only via an Ethernet connection. In other words, only devices connected via cable are vulnerable. This is good news because most IoT users rely on WiFi to connect their gadgets to the internet, so as a consumer you are less likely to be in the danger zone.
But manufacturers should take the precaution of disabling this test service after customizing the operating system image for production. Azouri says access to a Windows 10 IoT Core device through other available interfaces, which work over a wireless connection, is password protected and the method he found is the only one that does not require authorization.
Windows IoT Core is far from the most popular choice for connected systems, with a market share of just 23%. Linux has the first spot, with almost 72%, according to a survey sponsored by The Eclipse IoT Working Group, AGILE IoT, IEEE, and the Open Mobile Alliance.IoT IoT Core Microsoft RCE remote code execution Windows 10 IoT Core