Multiple Vulnerabilities Disclosed in Samsung SmartThings Hub

August 14, 2018 | Adeline Zhang

Talos recently published multiple vulnerabilities in the Samsung SmartThings Hub, including many critical ones such as command injection and remote code execution. Many of these vulnerabilities were assigned a CVSS v3 base score of 9.9.

For details, please refer to: https://www.talosintelligence.com/vulnerability_reports/#disclosed

Vulnerability Description

| Vulnerability | CVE ID | CVSS Score |
|---|---|---|
| Samsung SmartThings Hub video-core camera update code execution vulnerabilities | CVE-2018-3903, CVE-2018-3904 | 9.9 |
| Samsung SmartThings Hub video-core credentials code execution vulnerabilities | CVE-2018-3873, CVE-2018-3878 | 9.9 |
| Samsung SmartThings Hub video-core videoHostUrl code execution vulnerability | CVE-2018-3872 | 9.9 |
| Samsung SmartThings Hub video-core samsungWifiScan code execution vulnerabilities | CVE-2018-3863, CVE-2018-3866 | 9.9 |
| Samsung SmartThings Hub video-core HubCore 39500 sync denial-of-service vulnerability | CVE-2018-3918 | 6.5 |
| Samsung SmartThings Hub video-core camera creation code execution vulnerability | CVE-2018-3905 | 8.5 |
| Samsung SmartThings Hub video-core samsungWifiScan callback code execution vulnerability | CVE-2018-3867 | 9.9 |
| Samsung SmartThings Hub video-core database clips code execution vulnerability | CVE-2018-3919 | 7.5 |
| Samsung SmartThings Hub video-core database find-by-cameraId code execution vulnerability | CVE-2018-3880 | 8.2 |
| Samsung SmartThings Hub video-core Hubcore 39500 HTTP header injection vulnerability | CVE-2018-3911 | 8.6 |
| Samsung SmartThings Hub video-core AWSELB Cookie code execution vulnerability | CVE-2018-3925 | 8.5 |
| Samsung SmartThings Hub video-core REST request parser HTTP pipelining injection vulnerabilities | CVE-2018-3907, CVE-2018-3909 | 9.1 |
| Samsung SmartThings Hub video-core database shard.videoHostURL code execution vulnerability | CVE-2018-3906 | 7.5 |
| Samsung SmartThings Hub hubCore ZigBee firmware update CRC16 check denial-of-service vulnerability | CVE-2018-3926 | 5.3 |
| Samsung SmartThings Hub video-core database shard code execution vulnerabilities | CVE-2018-3912, CVE-2018-3917 | 7.5 |
| Samsung SmartThings Hub video-core clips code execution vulnerabilities | CVE-2018-3893, CVE-2018-3897 | 9.9 |
| HubCore Google Breakpad backtrace.io information disclosure vulnerability | CVE-2018-3927 | 6.8 |
| Samsung SmartThings Hub video-core credentials parsing SQL injection vulnerability | CVE-2018-3879 | 8.8 |
| Samsung SmartThings Hub video-core RTSP configuration command injection vulnerability | CVE-2018-3856 | 9.9 |
| Samsung SmartThings Hub video-core camera URL replace code execution vulnerability | CVE-2018-3902 | 9.9 |

Affected Versions

  • Samsung SmartThings Hub STH-ETH-250 firmware 0.20.17

Solution

Samsung SmartThings has released a new firmware version that fixes these vulnerabilities. Users running the affected firmware are advised to update to the latest version.

Reference: https://support.smartthings.com/hc/en-us/articles/207316543-Is-my-Hub-s-firmware-up-to-date-