CISA Releases Security Advisory for ThroughTek Kalay P2P SDK

Original release date: August 17, 2021

CISA has released an Industrial Control Systems (ICS) advisory detailing a vulnerability affecting several versions of ThroughTek Kalay P2P Software Development Kit (SDK). A remote attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the ICS Advisory: ICSA-21-229-01 ThroughTek Kalay P2P SDK and the FireEye Mandiant blog: Mandiant Discloses Critical Vulnerability Affecting Millions of IoT Devices for more information and to apply the necessary update and mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.