CloudEdge Cloud Improper Input Sanitization Vulnerability in MQTT Topic Handling

Vulnerability

A vulnerability exists in the CloudEdge Cloud service, specifically in the CloudEdge App version 4.4.2, due to improper sanitization of MQTT topic inputs. This flaw allows attackers to exploit MQTT wildcards to intercept messages intended for other users. By subscribing to a manipulated MQTT topic, an attacker can access messages containing sensitive information, such as credentials and keys, needed to connect to cameras in a peer-to-peer network.
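The class of check whose absence this advisory describes, as an added example (not CloudEdge or Meari code): client-supplied values are validated before they become a topic level, and a SUBSCRIBE filter is authorized only when it cannot match outside the authenticated user's namespace. The "users/<user_id>/..." layout and all function names are assumptions; the advisory does not publish the real topic scheme.

```python
# Added example: server-side handling of MQTT topic input.
# Assumption: per-user topics live under "users/<user_id>/...".
# The real CloudEdge topic layout is not given in the advisory.

def safe_segment(value: str) -> bool:
    """True if a client-supplied value may be embedded as ONE topic level."""
    if not value or len(value) > 64:
        return False
    # Reject the level separator, both MQTT wildcards, control characters,
    # and (conservatively) '$', which prefixes broker-internal topics.
    return not any(c in "/+#$" or ord(c) < 0x20 for c in value)

def build_user_topic(user_id: str, channel: str) -> str:
    """Build a concrete topic name; never interpolate unchecked input."""
    if not (safe_segment(user_id) and safe_segment(channel)):
        raise ValueError("illegal character in topic segment")
    return f"users/{user_id}/{channel}"

def filter_is_valid(topic_filter: str) -> bool:
    """MQTT filter syntax: '#' only as the whole last level, '+' only as a whole level."""
    if not topic_filter or "\x00" in topic_filter:
        return False
    levels = topic_filter.split("/")
    for i, level in enumerate(levels):
        if "#" in level and (level != "#" or i != len(levels) - 1):
            return False
        if "+" in level and level != "+":
            return False
    return True

def may_subscribe(authenticated_user: str, topic_filter: str) -> bool:
    """Allow a filter only if everything it can match is under users/<authenticated_user>/."""
    if not safe_segment(authenticated_user) or not filter_is_valid(topic_filter):
        return False
    levels = topic_filter.split("/")
    # The first two levels must be literal; a wildcard there spans other users.
    return len(levels) >= 3 and levels[0] == "users" and levels[1] == authenticated_user

if __name__ == "__main__":
    # Constructed subscription requests from the authenticated user "alice".
    for f in ("users/alice/#", "users/+/p2p", "#", "users/bob/p2p"):
        print(f, "->", "allow" if may_subscribe("alice", f) else "deny")
```

The user identity passed to may_subscribe must come from the authenticated session (for example the broker's client credentials), not from anything the client places in the topic itself.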

Impact

Exploitation of this vulnerability could lead to unauthorized access to live video feeds and control over the affected cameras.

Remediation

CloudEdge users are advised to contact CloudEdge or Meari Technologies and keep their systems updated. CISA recommends minimizing network exposure for control system devices, using firewalls to isolate control system networks from business networks, and employing secure remote access methods like VPNs. Organizations should also follow CISA's recommended practices for ICS cybersecurity.

Added: Oct 21, 2025, 6:19 PM
Updated: Oct 21, 2025, 7:42 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 7.4
remediation: 0.0
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.