Old 12-15-2025, 09:27 AM   #1
Frogm4n
Fanatic
Posts: 546
Karma: 4015251
Join Date: Jul 2023
Device: Scribe 2022, OA2, PRS-350
Kindle vulnerabilities talk at Black Hat EU 2025

https://blackhat.com/eu-25/briefings...a-kindle-48836

Quote:
Don't Judge An Audiobook By Its Cover: Taking Over Your Amazon Account With A Kindle
Valentino Ricotta | Security Researcher, Thales
Date: Thursday, December 11 | 2:30pm-3:00pm (ICC Maritime Suite, Victoria 5, Level 3)
Format: 30-Minute Briefings
Tracks: Reverse Engineering, Exploit Development & Vulnerability Discovery

Amazon's Kindle is the most popular e-reader on the market, with an extensive ecosystem of e-books. From a security perspective, Kindle devices especially stand out because they are often linked to an Amazon account.

Their complex software stack supports numerous e-book file formats (AZW, MOBI, PDF...), as well as many underlying media formats that increase the attack surface. As such, downloading an e-book from the store may allow an attacker to gain root access to the device, take control of the Amazon account, and steal credit card information.

In this talk, we will dive into the internals of Kindle devices and discuss a $20,000 bug in the parsing of Audible audiobooks which allowed us to take full control of the e-reader. We will also share general insights on fuzzing file formats based on the MPEG-4 standard (ISOBMFF).
Slide deck:
https://i.blackhat.com/BH-EU-25/eu-2...-Audiobook.pdf
All times are GMT -4.