so.cl

In order to ensure customers’ security, the COS team has led assignments to search for vulnerabilities in this type of equipment. This publication is the first in a series and addresses the case of discovering a 0-day vulnerability on one of them. The case study will be divided into two parts. The first part shows the environment setup to analyse the equipment, and the second part will discuss the discovery of CVE-2022-46527 – details of which are still under embargo at this time. Searching for vulnerabilities in IoT devices: Case of CVE-2022-46527