DeepAI AI Chat
Log In Sign Up

HDMI-Walk: Attacking HDMI Distribution Networks via Consumer Electronic Control Protocol

by   Luis Puche Rondon, et al.

The High Definition Multimedia Interface (HDMI) is the de-facto standard for Audio/Video interfacing between video-enabled devices. Today, almost tens of billions of HDMI devices exist worldwide and are widely used to distribute A/V signals in smart homes, offices, concert halls, and sporting events making HDMI one of the most highly deployed systems in the world. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows for the interaction between devices within an HDMI distribution network. Nonetheless, existing network security mechanisms only protect traditional networking components, leaving CEC outside of their scope. In this work, we identify and tap into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study, how current insecure CEC protocol practices and HDMI distributions may grant an adversary a novel attack surface for HDMI devices otherwise thought to be unreachable. To introduce this novel attack surface, we present HDMI-Walk, which opens a realm of remote and local CEC attacks to HDMI devices. Specifically, with HDMI-Walk, an attacker can perform malicious analysis of devices, eavesdropping, Denial of Service attacks, targeted device attacks, and even facilitate well-known existing attacks through HDMI. With HDMI-Walk, we prove it is feasible for an attacker to gain arbitrary control of HDMI devices. We demonstrate the implementations of both local and remote attacks with commodity HDMI devices. Finally, we discuss security mechanisms to provide impactful and comprehensive security evaluation to these real-world systems while guaranteeing deployability and providing minimal overhead considering the current limitations of the CEC protocol. To the best of our knowledge, this is the first work solely investigating the security of HDMI device distribution networks.


page 1

page 2

page 3

page 4


PoisonIvy: (In)secure Practices of Enterprise IoT Systems in Smart Buildings

The rise of IoT devices has led to the proliferation of smart buildings,...

NeVerMore: Exploiting RDMA Mistakes in NVMe-oF Storage Applications

This paper presents a security analysis of the InfiniBand architecture, ...

CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks

Current research in the automotive domain has proven the limitations of ...

Secure Access Control for DAG-based Distributed Ledgers

Access control is a fundamental component of the design of distributed l...

Security Analysis of the Consumer Remote SIM Provisioning Protocol

Remote SIM provisioning (RSP) for consumer devices is the protocol speci...

VoIP Can Still Be Exploited – Badly

VoIP phones are early representatives as well as present enhancers of th...

PHOENIX: Device-Centric Cellular Network Protocol Monitoring using Runtime Verification

End-user-devices in the current cellular ecosystem are prone to many dif...