A spokesperson for Texas-based Amcrest said firmware updates that address the flaw have been available for months — users were alerted to the need to install a mandatory firmware update when logging into the their camera, according to Amcrest. To exploit either bug, the researcher said an attacker would first use the search engine Shodan, a tool for finding exposed devices and databases online, to identify Amcrest model IPM-721S cameras. In the case of the credentials bug (CVE-2017-8229), an attacker would simply put the IP address of the camera in a common URL string to access a configuration file. To exploit the more serious memory-corruption bug (CVE2017-13719), Satam said an attacker would also first identify vulnerable cameras using Shodan. A 8.8-rated high-severity bug (CVE-2017-8228) meanwhile takes advantage of the fact the Amcrest cloud services does not perform a thorough verification when allowing a user to add a new camera to the user’s account, according to the researcher.