Understanding IoT Vulnerabilities: Memory Corruption Leads to a Surprise You Don’t Want to See

Computers are somewhat like humans, in that they rely on a brain to process data and instructions, and memory to store them until the task is complete. Any event that messes with the orders in the memory can lead to results that are often difficult to predict. With computers, such an interference can sometimes lead to compromising the device or to remote controlling it.

Every program you launch has its own segment assigned in the computer memory, where it loads everything to make it tick the way you need it to. However, when a piece of data in its memory compartment is modified, the program no longer behaves as intended by its maker. The effect is called “memory corruption,” and hackers triggering the change could use it to their advantage.

This sort of vulnerability is more common in IoT devices than in mature operating systems, where they are more difficult to exploit due to various protection mechanisms implemented over the years. Smart gadgets are part of a younger ecosystem built by manufacturers who are new to the troubles of computer security.

You may find the term difficult to grasp, but the principle is similar to how our working or active memory works: we use it for the short term; to process immediate information. When the details no longer serve you, they are discarded. You store the important data in the long-term memory, which is the hard disk for computers.

To better understand the concept, imagine you start cooking something immediately after reading, for the first time, a recipe with 20 ingredients and one line of confusing directions. You have to remember the items, their order, quantities, the cut size, the time each cooks in the pan, heat adjustments for different stages of the cooking, the techniques used, and the time for proper preparation.

To introduce memory corruption into this analogy, someone who knows about your activity and the unclear instruction decides to interrupt you with their own interpretation. That’s interference you do not need the first time you make that dish because any deviation from the original instructions causes a different result, which might make the food inedible or give the dish a taste closer to the attacker’s.

Memory corruption defines a wider class of vulnerabilities that includes more specific bugs related to the different parts of the program’s memory space. Most of the time, the outcome is a crash of the application, which is essentially a denial of service (DoS); but further inspection of this reaction could reveal a way to exploit it to execute code from a remote system.

Typically, these glitches stem from programming errors which, in our example, would be the unclear guidance in the recipe. These are removed when the manufacturer learns about them and releases a firmware update.

Although it cannot fix the error, Bitdefender BOX notifies you when it finds on your network an IoT device that is susceptible to memory corruption vulnerabilities. It can also stop exploitation attempts in their tracks, preventing compromise.