Netop is a software specialized in providing visibility over student activities, that lets teachers see what their students see, in this way the teachers can also share their screen, lock student screens and keyboards and block websites with the click of a button.

The software designed and advertised for helping teachers keep control of lessons has several features like, viewing student screens and sharing the teachers’, implementing web filters, pushing URLs, chat functions, and freezing student screens. 

Adding technology to the classroom allows you to give your students a multitude of new resources, but it can also add more distractions.

Classroom management software helps you scaffold your students’ learning while still keeping them on track. In the classroom or during remote learning, Vision’s simple features allow you to manage and monitor your students in real-time.

Source

 What happened?

On Monday researchers at McAfee have disclosed the existence of multiple security holes in Netop Vision Pro. It looks like the software contains vulnerabilities that “could be exploited by a hacker to gain full control over students’ computers.” 

What vulnerabilities were discovered?

All the network traffic was unencrypted and there was no option to enable encryption during configuration. Aside from this pressing issue, the software was sending screenshots to the teacher, without the students’ knowledge, leaving the images sent vulnerable for anyone to eavesdrop on them. 

Since there is no encryption, these images were sent in the clear.

Anyone on the local network could eavesdrop on these images and view the contents of the students’ screens remotely.

Source 

Another dangerous action performed by the software is related to the way in which teachers are starting their sessions. They send a network packet prompting students to join, leaving room for an attacker to masquerade as the teacher host and perform a local elevation of privilege (LPE) attack in order to ultimately gain system privileges.

The chat function contained in the software is saving the files sent by a teacher into a ‘work’ directory while running as a system making it possible for an attacker to overwrite existing files and send malicious content to students, like malware that could compromise their PCs. 

Netop Vision Pro student profiles also broadcast their presence on the network every few seconds, allowing an attacker to scale their attacks to an entire school system.

Because it is always running, even when not in use, this software assumes every network the device connects to could have a teacher on it and begins broadcasting.

Source 

The security issues and CVEs were discussed confidentially with the vendor in December 2020, making the latest software release, 9.7.2 to address some of the issues, such as LPE bugs and the encryption of credentials, whilst adding mitigations to chat-based read/write issues, as well. 

Heimdal Official Logo

Your perimeter network is vulnerable to sophisticated attacks.

Heimdal™ Threat Prevention
- Network

Is the next-generation network protection and response
solution that will keep your systems safe.
  • No need to deploy it on your endpoints;
  • Protects any entry point into the organization, including BYODs;
  • Stops even hidden threats using AI and your network traffic log;
  • Complete DNS, HTTP and HTTPs protection, HIPS and HIDS;
Try it for FREE today Offer valid only for companies.

This news comes just days after the FBI warned of increasing rates of attack against US and UK schools and universities, with law enforcement agencies seeing a spike in attack attempts leveraging PYSA ransomware

cover photo for heimdal security news
2021.03.22 QUICK READ

11 Zero-Day Flaws Exploited in 2020 Campaigns, Google Reports

2020.09.11 INTERMEDIATE READ

5 Lessons to Learn in Vulnerability Risk Assessment

2019.06.28 SLOW READ

13+ Warning Signs that Your Computer is Malware-Infected [Updated 2019]

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP