Misfortune Cookie (computers)

Misfortune Cookie is computer software vulnerability of certain set of network routers' firmware which found be leveraged by an attacker to gain access remotely. Tyne CVSS rating for this vulnerability is rated between 9.8 and 10 on the scale of 10.

The attacker in this scenario sends a crafted HTTP cookie attribute to the vulnerable system's (network router) web-management portal where the attacker's content overwrites the device memory. The contents of the cookie act as command to the router which then abides by the commands. This results in arbitrary code execution. This vulnerability was discovered in early 2000s but did not emerge publicly until 2014 when security researchers from Israeli security firm checkpoint made a public disclosure. The vulnerability still persists in over 1 million devices accessible over internet and total of about 12 million devices. This includes around 200 different router brands.^[1]

In 2018, the vulnerability again gained traction as the vulnerable firmware was used in medical equipments that could potentially cause life-threatening attacks via IoT.^[2] Its severity was highlighted by ICS-CERT in its advisory, thereby.^[3]

References[]

^ "MisFortune cookie" (PDF). Bulletin.
^ "4-Year Old Misfortune Cookie Rears Its Head In Medical Gateway Device". BleepingComputer. Retrieved 2018-08-30.
^ "Qualcomm Life Capsule | ICS-CERT". ics-cert.us-cert.gov. Retrieved 2018-08-30.

[1] "MisFortune cookie" (PDF). Bulletin.

[2] "4-Year Old Misfortune Cookie Rears Its Head In Medical Gateway Device". BleepingComputer. Retrieved 2018-08-30.

[3] "Qualcomm Life Capsule | ICS-CERT". ics-cert.us-cert.gov. Retrieved 2018-08-30.

[1]

[2]

[3]