A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn.
UK-based security consultancy Pen Test Partners said that the issue stems from a zero-day (unpatched) flaw in networking software from Chinese manufacturer XiongMai.
Pen Test Partners has been researching DVR security since February 2016, long before Mirai took out DNS provider Dyn in October 2016. The firm found a buffer overflow in the web interface that leaves more than one million devices vulnerable.
“This [flaw] leads to remote code execution and a wormable exploit,” researchers warned. “Shodan [a search engine for internet-connected devices] shows ~1M devices available as of today, which would make for a nice botnet.”
Pen Test Partners has discovered other Mirai-style vulnerabilities before but the latest issue represents a different and potentially more severe threat.