"Threat Actors Start Exploiting Meeting Owl Pro Vulnerability Days After Disclosure"

The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that threat actors have already started exploiting a severe vulnerability that Owl Labs addressed in its video conferencing devices earlier this week. Tracked as CVE-2022-31460 (CVSS score of 7.4), the security bug can be exploited to turn a vulnerable device into a rogue access point to the Wi-Fi network it is connected to. CISA noted that the vulnerability affects Owl Labs’ Meeting Owl Pro and Whiteboard Owl devices and that the issue exists because, when in access point (AP) mode, the devices do not disconnect from the Wi-Fi network but instead start routing all traffic to it. The bug was discovered by security researchers at Modzero, who also found that the video conferencing devices create their AP with the hardcoded passcode “hoothoot” and that the vulnerability can be exploited without authentication by an attacker within Bluetooth range. The patches that Owl Labs started rolling out this week disable the routing of network traffic when Meeting Owl Pro and Whiteboard Owl devices are in Wi-Fi AP tethering mode, which essentially prevents their use as rogue APs. CISA noted that owners of Meeting Owl Pro and Whiteboard Owl video conferencing devices are advised to update to firmware version 5.4.1.4 as soon as possible. CISA has instructed federal agencies to address the vulnerability by June 22.

 

SecurityWeek reports: "Threat Actors Start Exploiting Meeting Owl Pro Vulnerability Days After Disclosure"

Submitted by Anonymous on