The German brand Sennheiser was forced to quickly update the components of the accompanying software HeadSetup and HeadSetup Pro for their devices. As it turned out, the vulnerability of Sennheiser headphones was discovered due to the insufficient security of the security certificate, which remained on the computer even after it was removed from the system. An unsecured certificate could be a suitable tool for hackers and cause serious harm.
Branded accompanying software is required to ensure compatibility of Sinheiser devices with IP telephony sites. To do this, the software components must be installed on the computer, and the security certificate and the encrypted private key for this certificate are sent to the PC.
The certificate, along with the private key, was found to be identical for all users of the accompanying software. Since the security of the key is not reliable, there is a possibility of it falling into the wrong hands, which can decrypt it and create fake certificates.
For users, the vulnerability of Sinheiser headphones may be associated with the likelihood of various hacker attacks also due to the fact that the root certificate is not removed from the system. For example, using fake certificates, an attacker creates a copy of a real site, intercepting the login / password after going to a fraudulent resource, or conducting attacks intercepting traffic from third-party resources.
Security experts who identified the vulnerability of Sennheiser headphones drew attention to two files (certificate and private key) that were saved in the system at the time of software installation. The encryption-protected key required a decryption password. At the same time, the accompanying software independently performed the decryption, which indicates that the password is already included in the program. The experts' hypothesis was confirmed - the password was saved in one of the code files. The password for using the private key was also found in the program, but already in the settings file.
The manufacturer has fully acknowledged the vulnerability of the Sennheiser headset and has already presented a solution: new Headsetup software components for Windows and Mac devices. The updated versions remove insecure certificates from the PC. Additionally, a script was written to clean up the remnants of certificates without the need to update the system. Microsoft has also produced a Windows Security Bulletin that shows mistrust of such certificates.
The Topic of Article: Popular German Sennheiser headphones under threat of hacker attacks.