Read Time:23 Second
Posted by Security Explorations on Apr 24
Hello,
In 2020, a vulnerability (CVE-2020-15858) in multiple Cinterion IoT
devices was discovered by Adam Laurie and Grzegorz Wypych of IBM
X-Force Red [1].
The issue was described as allowing for organizational secrets theft
and Java application code access. The use of Java VM / apps by
wireless (connected) devices triggered my attention in particular.
Historically, Java flaws could be successfully exploited for a more
in-depth investigation…