Exploitation Against the Clock: Xiaomi S3 Smartwatch
Sergei Volokitin | Day 1, 11:25am - 12:10pm
Abstract
This talk dives into the detailed process of uncovering hardware vulnerabilities, from target selection and attack surface analysis to vulnerability discovery and exploitation—all accomplished within just four days during HardPwn NL 2024.
Focusing on two Xiaomi devices, the Outdoor Camera and the latest Smartwatch, the presentation will explore their internal architecture and highlight the reverse engineering efforts undertaken to identify critical security mechanisms.
The talk will showcase five distinct vulnerabilities whose potential impact includes retrieving user data, extracting security tokens, bypassing the lock screen, and even recovering the user PIN, granting a potential attacker full control over the device.
The Speaker(s)

Sergei Volokitin
Sergei Volokitin is an independent Security Researcher at Hexplot in the Netherlands, where his work is mostly focused on security testing of embedded systems and mobile devices. He has a number of publications on Java Card platform attacks and conference presentations on hardware security, TEEs and exploitation of secure devices.