A Measurement Study on the (In)security of End-of-Life (EoL) Embedded Devices

by   Dingding Wang, et al.

Embedded devices are becoming popular. Meanwhile, researchers are actively working on improving the security of embedded devices. However, previous work ignores the insecurity caused by a special category of devices, i.e., the End-of-Life (EoL in short) devices. Once a product becomes End-of-Life, vendors tend to no longer maintain its firmware or software, including providing bug fixes and security patches. This makes EoL devices susceptible to attacks. For instance, a report showed that an EoL model with thousands of active devices was exploited to redirect web traffic for malicious purposes. In this paper, we conduct the first measurement study to shed light on the (in)security of EoL devices. To this end, our study performs two types of analysis, including the aliveness analysis and the vulnerability analysis. The first one aims to detect the scale of EoL devices that are still alive. The second one is to evaluate the vulnerabilities existing in (active) EoL devices. We have applied our approach to a large number of EoL models from three vendors (i.e., D-Link, Tp-Link, and Netgear) and detect the alive devices in a time period of ten months. Our study reveals some worrisome facts that were unknown by the community. For instance, there exist more than 2 million active EoL devices. Nearly 300,000 of them are still alive even after five years since they became EoL. Although vendors may release security patches after the EoL date, however, the process is ad hoc and incomplete. As a result, more than 1 million active EoL devices are vulnerable, and nearly half of them are threatened by high-risk vulnerabilities. Attackers can achieve a minimum of 2.79 Tbps DDoS attack by compromising a large number of active EoL devices. We believe these facts pose a clear call for more attention to deal with the security issues of EoL devices.


Hey Google, What Exactly Do Your Security Patches Tell Us? A Large-Scale Empirical Study on Android Patched Vulnerabilities

In this paper, we perform a comprehensive study of 2,470 patched Android...

One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware

Currently, the development of IoT firmware heavily depends on third-part...

Can I Take Your Subdomain? Exploring Related-Domain Attacks in the Modern Web

Related-domain attackers control a sibling domain of their target web ap...

Coding Practices and Recommendations of Spring Security for Enterprise Applications

Spring security is tremendously popular among practitioners for its ease...

One Billion Apples' Secret Sauce: Recipe for the Apple Wireless Direct Link Ad hoc Protocol

Apple Wireless Direct Link (AWDL) is a proprietary and undocumented IEEE...

One Exploit to Rule them All? On the Security of Drop-in Replacement and Counterfeit Microcontrollers

With the increasing complexity of embedded systems, the firmware has bec...

Characterising attacks targeting low-cost routers: a MikroTik case study (Extended)

Attacks targeting network infrastructure devices pose a threat to the se...

Please sign up or login with your details

Forgot password? Click here to reset