PocketBook InkPad Color 3 Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the PocketBook InkPad Color 3 e-reader, specifically in version U743k3.6.8.3671. This vulnerability allows attackers with physical access to the device to escalate privileges to root. The issue arises from an unintended use of a SUID binary, which can be exploited to enable developer mode, providing unauthorized access.

Impact

Exploitation of this vulnerability allows for unauthorized root access on the device.

Reproduction

The vulnerability can be reproduced by first gaining physical access to the device and uploading a malicious application via USB. Once executed, the application can exploit the SUID binary 'iv2sh' to create a file that triggers developer mode. After the device is restarted, a USB network interface is established, allowing access to a root shell via SSH.

Remediation

It is recommended that the vendor remove the 'ntpdate' utility from the '/etc/sudoers' configuration file and implement a password requirement for device unlock.
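
A defender-side check for the two items this advisory names, a set-user-ID binary and a utility listed in '/etc/sudoers' (added example, not from the advisory or the vendor): it lists SUID files and matching sudoers rules under a root filesystem. The sample tree, its paths, the sudoers rule and the AUDIT_ROOT variable are constructed assumptions.

```shell
#!/bin/sh
# Added audit example. The sample tree, its paths, the sudoers rule and the
# AUDIT_ROOT variable are constructed/hypothetical, not taken from the device.

# Print every set-user-ID regular file under root $1, relative to that root.
list_suid() {
    root=${1%/}
    (cd "${root:-/}" && find . -xdev -type f -perm -4000 2>/dev/null) |
        sed 's|^\.||' | sort
}

# Print "file:line: rule" for each non-comment sudoers line naming utility $2.
sudoers_rules_for() {
    root=${1%/}
    for f in "$root/etc/sudoers" "$root"/etc/sudoers.d/*; do
        [ -f "$f" ] || continue
        rel=${f#"$root"}
        awk -v util="$2" -v name="$rel" '
            /^[ \t]*#/ { next }
            $0 ~ ("(^|[/ \t=,])" util "([ \t,]|$)") { print name ":" FNR ": " $0 }
        ' "$f"
    done
}

# Build a constructed root filesystem: one SUID file, one ordinary file,
# and one sudoers rule naming ntpdate. Prints the directory it created.
make_sample_root() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc" "$d/opt/example"
    : > "$d/opt/example/iv2sh";  chmod 4755 "$d/opt/example/iv2sh"
    : > "$d/opt/example/reader"; chmod 0755 "$d/opt/example/reader"
    printf '%s\n' '# constructed sample rule' \
        'exampleuser ALL=(root) NOPASSWD: /opt/example/ntpdate' > "$d/etc/sudoers"
    printf '%s\n' "$d"
}

# Audit AUDIT_ROOT if set (an unpacked firmware image or "/"), else the sample.
if [ -z "${AUDIT_ROOT:-}" ]; then
    AUDIT_ROOT=$(make_sample_root)
    trap 'rm -rf "$AUDIT_ROOT"' EXIT
fi
echo "set-user-ID files:";            list_suid "$AUDIT_ROOT"
echo "sudoers rules naming ntpdate:"; sudoers_rules_for "$AUDIT_ROOT" ntpdate
```

Every path the first list prints should be reviewed for whether it needs the SUID bit at all, and every rule in the second for whether the unprivileged account needs it.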

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 4.6
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.