[SRP-2018-01] Reverse engineering tools for ST DVB chipsets (public release) Jun 08 2018 07:16AM
Security Explorations (contact security-explorations com)

Hello All,

We have decided to release to the public domain our SRP-2018-01 security
research project related to the security of STMicroelectronics chipsets.

The research material (70+ pages long technical paper accompanied by two
reverse engineering tools) can be downloaded from the SRP section of our
portal (Past SRP materials):


The release of SRP-2018-01 is a direct consequence of the following:
1) no response to our inquiries regarding the impact of ST issues from
a SAT TV ecosystem [1] (STMicroelectronics, NC+, Canal+, Vivendi),
2) no will to provide assistance to obtain information pertaining to
the impact and addressing [2] of the issues from STMicroelectronics,
we asked for help CERT-FR (French governmental CSIRT), IT-CERT (CERT
Nazionale Italia) and US-CERT (US government CERT), but all of them
stopped responding to our messages [1],
3) a statement received from a major vendor in a SAT TV CAS / security
field indicating that its "goal is to remove the marketplace from
our materials",
4) us completely breaking security of ADB [3] set-top-boxes in use by
NC+ SAT TV platform (Canal Digital makes use of similar boxes) and
gaining access to vulnerable ST chipsets again [4] (we verified that
6 years following the disclosure Canal+ owned NC+ still relies on /
offers to customers STBs vulnerable to ST flaws, which likely violates
security requirements of agreements signed with content providers).

In that context, we see no reason to continue keeping SRP-2018-01 material
under wraps.

Thank you.

Best Regards,
Adam Gowdiak

Security Explorations
"We bring security research to a new level"

[1] SE-2011-01 Vendors status
[2] The origin and impact of security vulnerabilities in ST chipsets
[3] ADB
[4] SRP-2018-02 Exploitation Framework for STMicroelectronics DVB chipsets

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus