FireEye, CISA Warn of Critical IoT Device Vulnerability

Healthcare Info Security

Scott Ferguson

FireEye researchers and the U.S. Cybersecurity and Infrastructure Security Agency are warning about a critical vulnerability that could allow an attacker to gain remote access to potentially millions of compromised IoT devices, such as connected security cameras.

The flaw, tracked as CVE-2021-28372, is found in ThroughTek's Kalay protocol, which the FireEye researchers estimate is used in some 83 million IoT and connected devices worldwide, although it's not known how many of these devices might be affected.

So far, however, there has been no exploit of the vulnerability detected, according to CISA.

A newer version of...

Get the Morning Update

Thanks for subscribing!