Research was presented at the weekend's DEF CON event.
Multiple security flaws, collectively named "BadCam", have been disclosed; they could be harnessed to perform keystroke injection and operating-system-independent intrusions.
According to Security Affairs, Lenovo's Linux-based 510 FHD and Performance FHD webcams are affected. Attackers could leverage the vulnerable webcams, which use SigmaStar ARM-based SoCs running Linux with USB Gadget support, to remotely reflash their firmware and impersonate other peripherals, enabling remote code execution and persistence. The research was presented at the weekend's DEF CON 33 conference in Las Vegas by Eclypsium researchers.
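A webcam that has been reflashed to type keystrokes typically re-enumerates as a composite USB device carrying a HID interface next to its video interface. The following triage script is an added example, not code from the article or from Eclypsium; it reads the per-interface class codes Linux exposes under /sys/bus/usb/devices and flags devices that present both a Video-class and a HID-class interface. The sample records are constructed for illustration.

```python
"""Flag USB devices that expose both a video-capture and a HID interface."""
from pathlib import Path

USB_CLASS_AUDIO = 0x01
USB_CLASS_HID = 0x03    # keyboards, mice
USB_CLASS_VIDEO = 0x0E  # UVC webcams


def read_sysfs_interfaces(root="/sys/bus/usb/devices"):
    """Return {device: set(interface class codes)} from sysfs (Linux only).

    Interface directories are named like "1-3:1.0" (device 1-3, config 1,
    interface 0) and contain a bInterfaceClass file holding a hex byte.
    """
    devices = {}
    for iface in Path(root).glob("*:*.*"):
        cls_file = iface / "bInterfaceClass"
        if not cls_file.exists():
            continue
        dev = iface.name.split(":")[0]
        devices.setdefault(dev, set()).add(int(cls_file.read_text().strip(), 16))
    return devices


def find_video_hid_mixes(devices):
    """Return sorted device names that claim to be both a camera and a HID."""
    return sorted(dev for dev, classes in devices.items()
                  if USB_CLASS_VIDEO in classes and USB_CLASS_HID in classes)


# Constructed sample: an ordinary webcam, a plain keyboard, and a webcam that
# now also presents a HID interface (the pattern described in the article).
SAMPLE_DEVICES = {
    "1-2": {USB_CLASS_VIDEO, USB_CLASS_AUDIO},
    "1-3": {USB_CLASS_HID},
    "1-4": {USB_CLASS_VIDEO, USB_CLASS_AUDIO, USB_CLASS_HID},
}

if __name__ == "__main__":
    sysfs = Path("/sys/bus/usb/devices")
    devices = read_sysfs_interfaces() if sysfs.exists() else SAMPLE_DEVICES
    for dev in find_video_hid_mixes(devices):
        print(f"review {dev}: video device also exposes a HID interface")
```

A hit is a triage signal rather than proof, since some legitimate cameras ship with a HID interface for button or control events; comparing the result against a baseline taken when the device was first deployed separates those from a device whose interface set has changed.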
Lenovo and SigmaStar have already worked to resolve the issue: after being asked to add firmware verification to the affected SoCs, they released an updated installation tool that includes signature validation.
"To our knowledge, this is the first time it has been demonstrated that attackers can weaponise a USB device that is already attached to a computer that was not initially intended to be malicious," said Eclypsium researchers, who urged organisations to re-evaluate hardware and endpoint trust models.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.