JVNVU#94857368
Panasonic IR Control Hub vulnerable to Unauthorised firmware loading
Overview
IR Control Hub provided by Panasonic contains a vulnerability that may lead to loading of unauthorized firmware.
Products Affected
- IR Control Hub 1.17 and earlier
Description
IR Control Hub provided by Panasonic verifies the hash value of the loading firmware when booting, but it keeps booting with the firmware even when it detects that the hash value does not match the expected value (CWE-354).
Moreover, the product has a UART interface on the board and it is configured active (CWE-1299).
When connected directly to this UART interface, the device can be controlled through this interface (CVE-2025-1073).
Impact
An attacker with physical access to the affected product may load unauthorized firmware.
Solution
Update the Firmware
Update the firmware to the latest version.
According to the developer, the product automatically updates when it can communicate with the update server operated by the developer.
Vendor Status
| Vendor | Link |
| Panasonic | Release Notes |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Shravan Singh reported this vulnerability to the developer and coordinated. After the coordination was completed, Shravan Singh and the develpper reported the case to JPCERT/CC to notify users of the solution through JVN.