Amazon has fixed flaws in its Kindle e-reader platform that could have allowed an attacker to take control of victims’ devices by sending a malicious e-book. The exploit chain takes advantage of a feature called “Send to Kindle” to send a malware-laced document to a Kindle device that, when opened, could be leveraged to remotely execute arbitrary code on the device and make unauthorized purchases. Amazon fixed the flaws on December 10, 2020, for all Kindle models released after 2014 following a security researcher’s responsible disclosure.
Source: https://thehackernews.com/2021/01/sharing-ebook-with-your-kindle-could.html