NC+ SAT TV Platform - Press Info
JUN 2018

NC+ SAT TV Platform - Press Info

Security Explorations breaks security of ADB [1] set-top-box devices used by a Polish digital satellite TV provider NC+ [2].

The company discovered 3 vulnerabilities in ADB and STLinux software used by ITI-2849ST and ITI-2850ST set-top-boxes. The weaknesses make it possible to gain full administrative access (JVM / OS root, kernel level access) to NC+ devices from the network.

This is yet another successful compromise of set-top-box devices used by the operator. In 2012, Security Explorations discovered more than 30+ vulnerabilities in the security of the platform [3][4]. This included 3 severe vulnerabilities in STMicroelectronics chipsets [5][6] used to secure premium PayTV content against TV piracy.

The recent discovery again exposes inadequate security level of ADB set-top-box devices [7][8]. Regardless of Security Explorations' recommendation [9], security of investigated ADB set-top-boxes has not been hardened / improved much beyond the addressing of the issues reported 6 years ago.

Security Explorations' research also proves that NC+ platform still relies on and has in its offer set-top-box devices vulnerable to STMicroelectronics flaws. This is in contrary to the requirements of the agreements signed by the operator with various providers of a premium PayTV content [10].

Access to the results of Security Explorations' research are available on a commercial basis as part of company's Security Research Program [11].

The SRP-2018-02 research material includes full technical details of newly discovered vulnerabilities and their exploitation techniques.

It has a form of a software framework making it possible to gain access to vulnerable set-top-box device (accompanying the material) and research security of SlimCORE / TKD Crypto cores of STi7111 DVB chipset in the environment of a real-life digital satellite TV platform (NC+).

More details regarding the content and pricing of SRP-2018-02 research can be found in its official leaflet [12].