RoomCast TA-2400 Cleartext Private Key / Improper Access Control

The RoomCast TA-2400, versions 1.0-3.1+, has multiple critical security vulnerabilities, including clear-text storage of sensitive information within executables, improper access control, improper privilege management, and the use of hard-coded passwords. Uniting these vulnerabilities paves the way for a complete compromise of the device and, in turn, exposes clients to direct threats from those exploiting the compromised unit.

access access control clear clients compromise control critical device hard information key management passwords private private key privilege security sensitive information storage text threats turn vulnerabilities