Executive Summary

The Optoma CinemaX P2 projector, running firmware TVOS-04.24.010.04.01 on Android 8.0.0, exposes an HTTP API on TCP port 2345 that allows full remote control of the device without requiring any authentication.

This API includes 74 endpoints that enable both reading the projector's configuration and modifying various settings such as volume, mute, brightness, power, network protocols (including enabling or disabling TELNET), display modes, and other projector functions.

Any device on the same network can access and control the projector remotely without needing credentials, making it vulnerable to unauthorized use.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability in the Optoma CinemaX P2 projector allows unauthenticated remote control of the device by any device on the same network, potentially exposing sensitive device settings and functions.

Such unauthorized access could lead to violations of common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and secure device management to prevent unauthorized access and data breaches.

Since the vulnerability enables full control without authentication, it increases the risk of unauthorized data exposure or manipulation, which could compromise compliance with these regulations.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows an attacker on the same network to take full control of the projector remotely without authentication.

An attacker could change settings such as volume, brightness, power state, and network configurations, potentially disrupting presentations or other uses of the projector.

Additionally, enabling or disabling network protocols like TELNET could open further attack vectors or expose the device to additional compromise.

Users are advised to disconnect the device from shared networks or isolate it on a separate network to reduce the risk of exploitation.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves an HTTP API exposed on TCP port 2345 that allows unauthenticated remote control of the Optoma CinemaX P2 projector.

To detect this vulnerability on your network or system, you can scan for devices with TCP port 2345 open and check if the projector's API is accessible without authentication.

• Use a network scanning tool like nmap to detect open port 2345: nmap -p 2345 <target-ip>
• Attempt to access the HTTP API on port 2345 using curl or a web browser: curl http://<target-ip>:2345/
• Check if you can retrieve or modify settings without authentication by sending HTTP requests to known endpoints.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include disconnecting the projector from the network to prevent unauthorized access.

If possible, manually apply any available patches or firmware updates, although the vendor has not fully resolved this issue.

Isolate the projector on a separate network segment to limit exposure to other devices.

Disable or restrict access to TCP port 2345 on your network firewall to block unauthorized API access.

Useful 0 Not Useful 0