A. Secura, J. Kim Department of Network Engineering, Cyber-Physical Systems Institute
| Observation | Implication | |-------------|--------------| | Version string “1.255” passed unverified | Attacker could serve version 1.0 (downgrade) | | TFTP block number overflow after block 65535 | Firmware > 32 MB caused retransmission loops | | No hash exchange before transfer | Man-in-the-middle can inject malicious firmware | | Logs show “i---” but no source MAC validation | Spoofing possible | i--- Tftp Upgrade Firmware Version 1.255 Download
Analysis of TFTP-Based Firmware Upgrade Mechanisms: A Case Study of Version 1.255 Download Anomalies J. Kim Department of Network Engineering
TFTP, firmware upgrade, version 1.255, downgrade attack, block number wrap, IoT security. block number wrap
