Cybersecurity researchers have discovered vulnerabilities in Sonos smart speakers that could be exploited by cybercriminals to secretly listen in on users.
What are the vulnerabilities of Sonos speakers?
The vulnerabilities “led to a complete breach in the security of Sonos’ secure boot process across a wide range of devices and the ability to compromise multiple devices remotely via an over-the-air attack,” said NCC Group security researchers Alex Plaskett and Robert Herrera.
Successful exploitation of one of these flaws could allow a remote attacker to covertly capture audio from Sonos devices via an over-the-air attack. The flaws affect all versions prior to Sonos S2 release 15.9 and Sonos S1 release 11.12, which were released in October and November 2023, respectively.
The findings were presented at Black Hat USA 2024. A description of the two security flaws is as follows:
CVE-2023-50809: A vulnerability in the Sonos One Gen 2 Wi-Fi stack does not properly validate an information element during the negotiation of a WPA2 four-way handshake, which could lead to remote code execution.
CVE-2023-50810: A vulnerability in the U-Boot component of the Sonos Era-100 firmware that could allow persistent execution of arbitrary code with Linux kernel privileges.
Driver Issues According to MediaTek
NCC Group, which reverse-engineered the boot process to achieve remote code execution on the Sonos Era-100 and Sonos One devices, said that CVE-2023-50809 is the result of a memory corruption vulnerability in the wireless driver of the Sonos One; the Wi-Fi chipset and its driver are third-party components supplied by MediaTek.
“In the wlan driver, there is a possible out-of-bounds write due to improper input validation,” MediaTek said in an advisory for CVE-2024-20018. “This could lead to local privilege escalation without requiring additional execution privileges. No user interaction is needed for exploitation.”
The initial access gained in this way paves the way for a series of post-exploitation steps: obtaining a full shell on the device to gain complete control of the smart speaker as root, followed by deployment of a custom Rust implant that captures audio from the microphone, recording anything said within close physical proximity of the speaker.
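The article gives no internals of the MediaTek bug beyond "improper input validation" of an information element, so the following C is an added illustration, not NCC Group's, Sonos' or MediaTek's code. It shows the generic pattern behind this class of Wi-Fi driver flaw: the peer-controlled length byte of an 802.11 information element carried in an EAPOL-Key frame is used to size a copy into a fixed driver buffer, shown beside the bounds check that closes the hole. The buffer size, the per-station struct layout and the Key Data payload are constructed for the demonstration and are not taken from any real driver.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define RSN_IE_ID   48   /* 802.11 element ID of the RSN information element */
#define IE_BUF_CAP  64   /* hypothetical fixed buffer a driver copies the IE into */
#define CANARY_LEN  16   /* stands in for the fields that follow that buffer in a real driver */

/* Per-station state kept as one flat region so the overflow can be observed
 * with well-defined C: bytes from IE_BUF_CAP onward must never change. */
struct sta_state {
    uint8_t region[IE_BUF_CAP + CANARY_LEN];
    size_t  ie_len;
};

/* Walk the (id, len, body) elements of an EAPOL-Key Key Data field and return
 * the offset of the first RSN IE, or -1. The walk is bounds-checked against the
 * frame, so the two copy routines below differ only in whether they check the
 * element length against the destination buffer. */
static long find_rsn_ie(const uint8_t *kd, size_t kd_len)
{
    size_t off = 0;
    while (off + 2 <= kd_len) {
        uint8_t id = kd[off], len = kd[off + 1];
        if (len > kd_len - off - 2)          /* element claims more than is left */
            return -1;
        if (id == RSN_IE_ID)
            return (long)off;
        off += 2 + (size_t)len;
    }
    return -1;
}

/* Vulnerable pattern: the peer-supplied length byte alone drives the copy. */
int copy_rsn_ie_vulnerable(struct sta_state *st, const uint8_t *kd, size_t kd_len)
{
    long off = find_rsn_ie(kd, kd_len);
    if (off < 0)
        return -1;
    uint8_t len = kd[off + 1];
    memcpy(st->region, kd + off + 2, len);  /* len can be up to 255; buffer holds 64 */
    st->ie_len = len;
    return 0;
}

/* Hardened pattern: reject the element before touching the destination. */
int copy_rsn_ie_checked(struct sta_state *st, const uint8_t *kd, size_t kd_len)
{
    long off = find_rsn_ie(kd, kd_len);
    if (off < 0)
        return -1;
    uint8_t len = kd[off + 1];
    if (len > IE_BUF_CAP)
        return -2;
    memcpy(st->region, kd + off + 2, len);
    st->ie_len = len;
    return 0;
}

/* Constructed Key Data: a single RSN IE whose body is `body_len` bytes of 0x41.
 * Returns the number of bytes written, or 0 if `out` is too small. */
size_t build_key_data(uint8_t *out, size_t out_cap, uint8_t body_len)
{
    if ((size_t)body_len + 2 > out_cap)
        return 0;
    out[0] = RSN_IE_ID;
    out[1] = body_len;
    memset(out + 2, 0x41, body_len);
    return (size_t)body_len + 2;
}

/* Feed one copy routine an IE of `body_len` bytes and report whether any byte
 * past the buffer changed. Returns 1 if the canary was clobbered, 0 if not, and
 * -1 if body_len would make the demo itself write outside `st`. */
int canary_clobbered(int (*copy)(struct sta_state *, const uint8_t *, size_t),
                     uint8_t body_len)
{
    struct sta_state st;
    uint8_t kd[300];
    if (body_len > IE_BUF_CAP + CANARY_LEN)
        return -1;
    memset(st.region, 0xCC, sizeof st.region);
    st.ie_len = 0;
    size_t kd_len = build_key_data(kd, sizeof kd, body_len);
    (void)copy(&st, kd, kd_len);
    for (size_t i = IE_BUF_CAP; i < sizeof st.region; i++)
        if (st.region[i] != 0xCC)
            return 1;
    return 0;
}
```

Calling `canary_clobbered(copy_rsn_ie_vulnerable, 72)` returns 1 (eight bytes beyond the buffer are overwritten), while the checked variant returns 0 for the same input and refuses the element with -2. The point worth taking from the MediaTek advisory wording is that the frame-level length check in `find_rsn_ie` is not enough: the destination capacity has to be checked too, and a length-bounded copy with `sizeof` on the destination is the idiom to look for when auditing a Wi-Fi stack.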
There is also a flaw in the boot process
The other flaw, CVE-2023-50810, involves a chain of weaknesses in the Era-100's secure boot process that together let an attacker bypass the signature checks and run unsigned code in the context of the Linux kernel.
This can then be combined with an N-day privilege escalation flaw to achieve code execution at ARM EL3, the secure monitor level, and extract hardware-backed cryptographic secrets.
“Overall, there are two important conclusions to draw from this research,” the researchers said. “The first is that OEM components should be of the same security standard as in-house components. Vendors should also perform threat modeling of all external attack surfaces of their products and ensure that all remote vectors have undergone sufficient validation.”
“In the case of secure boot weaknesses, it is important to validate and test the boot chain to ensure that these weaknesses are not introduced. Both hardware and software-based attack vectors should be considered.”
The disclosure comes as firmware security firm Binarly revealed that hundreds of UEFI products from nearly a dozen vendors are susceptible to a critical firmware supply chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware.
Specifically, Binarly found that hundreds of products were using a test Platform Key generated by American Megatrends International (AMI), which was likely included in its reference implementation in the expectation that it would be replaced with a securely generated key by entities further down the supply chain.
The most affected hardware
“The issue arises from the Secure Boot ‘master key’, known as the Platform Key (PK) in UEFI terminology, which is untrusted because it is generated by the Independent BIOS Vendors (IBVs) and shared across multiple vendors,” Binarly said, describing it as a cross-platform issue that affects both x86 and ARM architectures.
“This platform key (…) is often not replaced by device manufacturers or OEMs, resulting in devices that ship with untrusted keys. An attacker with access to the private part of the PK can easily bypass Secure Boot by manipulating the Key Exchange Key (KEK) database, the signature database (db), and the forbidden signature database (dbx).”
As a result, PKfail allows attackers who hold the leaked private key to sign their own code and have it execute during the boot process even with Secure Boot enabled, for example by deploying a UEFI bootkit such as BlackLotus.
“The first firmware vulnerable to PKfail was released in May 2012, while the last one was released in June 2024,” Binarly said. “Overall, this makes this supply chain issue one of the longest-running of its kind, lasting over 12 years.”
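As an added example for the PKfail discussion above (not Binarly's scanner or any vendor code), the following C parses a raw PK variable in the format Linux exposes under `/sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c`, where 4 attribute bytes precede one or more `EFI_SIGNATURE_LIST` structures, extracts each X.509 entry and flags certificates that announce themselves as test keys. The marker strings "DO NOT TRUST" and "DO NOT SHIP" are the subject text Binarly reported for the leaked IBV test certificates; that detail is not on this page. The sample blob is constructed here, and its certificate body is a stand-in DER sequence, not a real certificate.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* EFI_CERT_X509_GUID a5c059a1-94e4-4aa7-87b5-ab155c2bf072 in EFI_GUID byte order. */
static const uint8_t EFI_CERT_X509_GUID[16] = {
    0xa1, 0x59, 0xc0, 0xa5, 0xe4, 0x94, 0xa7, 0x4a,
    0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 };

/* Subject text Binarly reported in the leaked IBV test certificates. */
static const char *TEST_KEY_MARKERS[] = { "DO NOT TRUST", "DO NOT SHIP" };

#define SIGLIST_HDR 28   /* EFI_GUID + SignatureListSize + SignatureHeaderSize + SignatureSize */
#define SIGDATA_HDR 16   /* EFI_SIGNATURE_DATA.SignatureOwner GUID precedes the DER */

static uint32_t rd32(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }
static void wr32(uint8_t *p, uint32_t v) { p[0] = v; p[1] = v >> 8; p[2] = v >> 16; p[3] = v >> 24; }

/* Plain substring search (memmem is not in the C standard). */
static int contains(const uint8_t *hay, size_t n, const char *needle)
{
    size_t m = strlen(needle);
    for (size_t i = 0; i + m <= n; i++)
        if (memcmp(hay + i, needle, m) == 0)
            return 1;
    return 0;
}

/* Walk every EFI_SIGNATURE_LIST in a variable payload (efivarfs header already
 * stripped). Counts X.509 entries in *certs and returns how many of them carry
 * a test-key marker, or -1 if the structure is malformed. */
int scan_signature_lists(const uint8_t *var, size_t len, int *certs)
{
    int flagged = 0;
    *certs = 0;
    for (size_t off = 0; off < len; ) {
        if (len - off < SIGLIST_HDR) return -1;
        uint32_t list_size = rd32(var + off + 16), hdr_size = rd32(var + off + 20),
                 sig_size = rd32(var + off + 24);
        if (list_size < SIGLIST_HDR || list_size > len - off) return -1;
        size_t body = list_size - SIGLIST_HDR;
        if (hdr_size > body) return -1;
        body -= hdr_size;
        if (sig_size <= SIGDATA_HDR || body % sig_size) return -1;   /* spec: equal-sized entries */
        if (memcmp(var + off, EFI_CERT_X509_GUID, 16) == 0) {
            const uint8_t *sig = var + off + SIGLIST_HDR + hdr_size;
            for (size_t i = 0; i < body / sig_size; i++, sig += sig_size) {
                (*certs)++;
                for (size_t m = 0; m < sizeof TEST_KEY_MARKERS / sizeof *TEST_KEY_MARKERS; m++)
                    if (contains(sig + SIGDATA_HDR, sig_size - SIGDATA_HDR, TEST_KEY_MARKERS[m])) {
                        flagged++;
                        break;
                    }
            }
        }
        off += list_size;
    }
    return flagged;
}

/* Check a PK blob as read from efivarfs, whose first 4 bytes are the variable
 * attributes. Returns 1 if a marked test key is present, 0 if none, -1 if malformed. */
int pk_is_untrusted(const uint8_t *efivar, size_t len)
{
    int certs, flagged;
    if (len < 4 || (flagged = scan_signature_lists(efivar + 4, len - 4, &certs)) < 0)
        return -1;
    return flagged > 0;
}

/* Constructed sample: an efivarfs-style PK holding one X.509 list with one entry.
 * The entry body is a stand-in DER (SEQUENCE tag, length, subject text), not a
 * real certificate; it is enough to exercise the parser and the marker check. */
size_t build_sample_pk(uint8_t *out, size_t cap, const char *subject_text)
{
    size_t text_len = strlen(subject_text);
    uint32_t sig_size  = SIGDATA_HDR + 2 + (uint32_t)text_len;
    uint32_t list_size = SIGLIST_HDR + sig_size;
    if (text_len > 127 || cap < 4 + list_size)
        return 0;
    memset(out, 0, 4 + list_size);
    out[0] = 0x27;   /* NV | BS | RT | TIME_BASED_AUTHENTICATED_WRITE_ACCESS */
    uint8_t *list = out + 4;
    memcpy(list, EFI_CERT_X509_GUID, 16);
    wr32(list + 16, list_size);
    wr32(list + 20, 0);
    wr32(list + 24, sig_size);
    uint8_t *der = list + SIGLIST_HDR + SIGDATA_HDR;   /* SignatureOwner left as the zero GUID */
    der[0] = 0x30;
    der[1] = (uint8_t)text_len;
    memcpy(der + 2, subject_text, text_len);
    return 4 + list_size;
}
```

On a Linux machine, read the efivars file as root and pass its bytes to `pk_is_untrusted`; on Windows the same payload (without the 4-byte header) comes from `Get-SecureBootUEFI -Name PK`. The marker heuristic only catches certificates that label themselves as test keys, so a PK whose private half has leaked but whose subject looks ordinary would pass it; for a definitive answer compare the certificate's SHA-256 fingerprint with the PK the OEM publishes, or use Binarly's PKfail scanner on the firmware image.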