According to US Cert the software included with the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access.
Its a Windows application that allows the user to view the battery charging status. It allows attacker to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user.
Picture: ZDNet
Removing the Energizer UsbCharger software will also remove the registry value that causes the backdoor to execute automatically when Windows starts. Blocking access to port 7777 can mitigate this vulnerability by preventing network connectivity to the backdoor.
Source: US Cert
Ryan Naraine
Latest by Featured Writer:
- An appeal from Royal Brunei Airlines passenger to London
- Brunei Charity Help: 'Hand in Hand, Help Brunei & Help the World'
- McLaren Automotive introduces the McLaren MP4-12C
- Wonderful family values
- The Civil Guard dismantle computers "zombies" network made up of more than 13 million infected PCs
