Security Explorations breaks the security of ADB [1] set-top-box devices used by the Polish digital satellite TV provider NC+ [2].
The company discovered 3 vulnerabilities in ADB and STLinux software used by ITI-2849ST and ITI-2850ST set-top-boxes. The weaknesses make it possible to gain full administrative access (JVM / OS root, kernel level access) to NC+ devices from the network.
This is yet another successful compromise of set-top-box devices used by the operator. In 2012, Security Explorations discovered more than 30 vulnerabilities in the security of the platform [3][4]. These included 3 severe vulnerabilities in STMicroelectronics chipsets [5][6] used to secure premium PayTV content against TV piracy.
The recent discovery again exposes the inadequate security level of ADB set-top-box devices [7][8]. Despite Security Explorations' recommendation [9], the security of the investigated ADB set-top-boxes has not been hardened or improved much beyond addressing the issues reported 6 years ago.
Security Explorations' research also proves that the NC+ platform still relies on, and still has in its offer, set-top-box devices vulnerable to the STMicroelectronics flaws. This is contrary to the requirements of the agreements signed by the operator with various providers of premium PayTV content [10].
The results of Security Explorations' research are available on a commercial basis as part of the company's Security Research Program [11].
The SRP-2018-02 research material includes full technical details of the newly discovered vulnerabilities and their exploitation techniques.
It takes the form of a software framework that makes it possible to gain access to a vulnerable set-top-box device (accompanying the material) and to research the security of the SlimCORE / TKD Crypto cores of the STi7111 DVB chipset in the environment of a real-life digital satellite TV platform (NC+).
More details regarding the content and pricing of the SRP-2018-02 research can be found in its official leaflet [12].