Another reason to NOT trust EVERY human task to machines… unless one wants to get killed by a robot dressed up as dinosaur. „great“ X-D

„Japanese travel agent H. I. S. Group ignored warnings about a vulnerability in its Tapia robots, which serve users in the Henn na Maihama hotel chain, and now apologizes.

The Network hosts A POC-code vulnerability, the operation of which allows attackers to remotely monitor visitors through cameras, according to the Tokyo Reporter.

At Henn na Maihama hotel chain, customers are served by robots.

Staff at the reception are represented in the form of dinosaurs, and in the room guests are served by special robots Tapia. The device is able to recognize voices and actions, determine the mood of the user by his intonation, remember names and birthdays, play music, monitor the safety of the room, as well as make calls and make orders online.

Earlier this year, a researcher under the pseudonym lrvick warned H. I. S. Group about a vulnerability in Tapia robots, the exploitation of which allowed remote access to the robot’s cameras and microphones.

The company ignored the warning and the researcher shared the PoC code for the vulnerability.

The hotel is part of a network of 10 hotels that use a variety of robots instead of „live“ staff. So far, it’s only about Tapia robots in one hotel, but it’s currently unclear if other devices are being used in hotels.

H. I. S. Group apologized for the concern and released an update for the robots, fixing the vulnerability.“

Source: https://www.securitylab.ru/news/501983.php

 

admin