1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Energizer DUO CVE-2010-0103

Attack: Energizer DUO CVE-2010-0103

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit an unauthorized-access vulnerability in Energizer DUO.

Additional Information

Energizer DUO is a USB battery charger.

Energizer DUO is prone to an unauthorized-access vulnerability. Specifically, the 'arucer.dll' accepts arbitrary commands through TCP port 7777. This effectively acts as a backdoor to the vulnerable computer.

Attackers can exploit this issue to list arbitrary directories, send and receive files, and execute arbitrary code with the privileges of the currently logged in user.

Affected

  • Energizer DUO
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube