SoylentNews

Black Hat: Hackers Can Remotely Hijack Enterprise, Healthcare Temi Robots

posted by Fnord666 on Friday August 07 2020, @07:22PM   
from the pwned dept.

"MrPlow" writes in with a submission, via IRC, for chromas.

Black Hat: Hackers can remotely hijack enterprise, healthcare Temi robots:

Temi's interactive assistance robots are remotely exploitable with little more than a phone number.

On Thursday at Black Hat USA, McAfee's Advanced Threat Research (ATR) team disclosed new research into the robots, in which remotely-exploitable vulnerabilities were uncovered, potentially leading to mobile, audio, and video tampering on the hospital floor.

The robot in question is Robotemi Global's Temi, a "personal robot" that uses a range of sensors, artificial intelligence (AI) and machine learning (ML) technologies, as well as modern voice activation and mobile connectivity to perform functions including personal assistance tasks, answering Internet queries, and facilitating remote video calls.

[...] In total, four vulnerabilities were found, the use of hard-coded credentials, an origin validation error, missing authentication for critical functions, and an authentication bypass. The security issues spotted by McAfee have been assigned CVE-2020-16170, CVE-2020-16168, CVE-2020-16167, and CVE-2020-16169.

"Together, these vulnerabilities could be used by a malicious actor to spy on Temi's video calls, intercept calls intended for another user, and even remotely operate Temi -- all with zero authentication," the researchers say.

---

Original Submission

• I propose a list I propose a list (Score: 2) by Runaway1956 on Friday August 07 2020, @07:37PM (6 children)

  by Runaway1956 (2926) on Friday August 07 2020, @07:37PM (#1033109) Journal

  Let's make a list of things that hackers CANNOT hack.

  1.

  Well, I think we're finished here.

  Starting Score:	1		point
  Karma-Bonus Modifier		+1
  Total Score:		2

• Re:I propose a list Re:I propose a list (Score: 0) by Anonymous Coward on Friday August 07 2020, @07:52PM (2 children)

  by Anonymous Coward on Friday August 07 2020, @07:52PM (#1033116)

  1- My Brain

  #EF4President2020

  Parent

  • Re:I propose a list (Score: 0) by Anonymous Coward on Friday August 07 2020, @08:12PM

    by Anonymous Coward on Friday August 07 2020, @08:12PM (#1033125)

    Objection. Assumes facts not in evidence.

    Parent

  • Re:I propose a list (Score: 2) by looorg on Friday August 07 2020, @08:12PM

    by looorg (578) on Friday August 07 2020, @08:12PM (#1033127)

    Just wait a (insert suitable time period here) for when you get some sort of cybernetic implant in your brain. I guess we can come back and adjust the list then. Until that time there is always tried and true psychological manipulation.

    Parent

• Re:I propose a list (Score: 0) by Anonymous Coward on Friday August 07 2020, @08:52PM

  by Anonymous Coward on Friday August 07 2020, @08:52PM (#1033154)

  Democracy

  Parent

• Re:I propose a list (Score: 2) by DannyB on Friday August 07 2020, @09:17PM

  by DannyB (5839) on Friday August 07 2020, @09:17PM (#1033165) Journal

  Let's make a list of things that hackers CANNOT hack.

  Let's see them hack their way through a forest overgrown with systemd weeds.

  Hack:
  * to cut or sever with repeated irregular or unskillful blows
  * to clear or make by or as if by cutting away vegetation
  * a writer who aims solely for commercial success

  --
  The lower I set my standards the more accomplishments I have.

  Parent

• Re:I propose a list (Score: 2) by ikanreed on Friday August 07 2020, @09:56PM

  by ikanreed (3164) on Friday August 07 2020, @09:56PM (#1033191) Journal

  The Moon.

  I'm given to understand you need baby witches for that.

  Parent