Flaws in Siglent Oscilloscope Allow Hackers to Tamper With Measurements
Researchers discovered that an oscilloscope from Siglent Technologies is affected by several potentially serious vulnerabilities that could allow hackers to tamper with measurements.
The flaws were identified by SEC Consult in SDS1000X-E series super phosphor oscilloscopes, one of the latest products launched by Siglent, a China-based company that specializes in measurement products. The impacted product costs roughly $400, and at least one website has named it the best oscilloscope in its price range.
SEC Consult found that the device has two backdoor accounts that can be accessed by an attacker with access to the local network over telnet on port 23. The accounts provide root access to the device and they have hardcoded passwords that are not easy to change.
The cybersecurity firm also reported that the EasyScopeX software provided by Siglent for the SDS1202X-E oscilloscope can be accessed without authentication from any computer on the network, and the application communicates using unencrypted TCP packets, which makes it easy to intercept data. The EasyScopeX app allows users to configure the device and interact with it.
Finally, the company’s researchers discovered that multiple components embedded in the firmware, including BusyBox, GNU libc and the Linux kernel, are outdated and known to have various types of vulnerabilities.
“Any malicious modification of measurement values may have serious impact on the product or service which is created or offered by using this oscilloscope. Therefore, all procedures which are executed with this device are untrustworthy,” SEC Consult said in its advisory.
SEC Consult notified Siglent of the vulnerabilities through Germany’s VDE CERT in August. While a salesperson confirmed receiving the vulnerability report, the vendor has provided no patch and no status updates. Its official website lists one recent firmware update for the SDS1202X-E oscilloscope, but that was released before the security holes were discovered.
Researchers identified the vulnerabilities in a device running version V220.127.116.11 of the firmware, but they believe other versions are likely affected as well.
VDE CERT is also expected to release an advisory describing these vulnerabilities.
SecurityWeek has reached out to the vendor for comment and will update this article if the company responds.