Modern business often relies heavily on the Internet and software resources such as Zoom or Skype to support daily operations. Use of such systems often requires additional hardware resources like microphones and cameras. Advances in computing has provided a pathway for these very ordinary hardware commodities to develop into resources that enrich user experience through vast offerings of specialized features or the integration of many discrete devices into a single product. With this progress comes additional risk in product use, because what were once mechanical or analog devices are now increasingly being redesigned with embedded processors. This change in direction implies that what seem like ordinary commodity devices are, in fact, reasonably capable computing machines with attack surfaces very similar to traditional PCs.
GRIMM researchers recently selected one such device, the STEM Audio Table conference room speaker. This blog post details the results of that research, and provides a case study into some of the more common vulnerabilities found in these sorts of devices. This includes unauthenticated remote code execution (RCE) as root, which would allow eavesdropping on conversations if a payload was written to do so.