- In another instance, Amazon cameras have been reported to house several vulnerabilities. This time it is the Blink home security cameras.
- Researchers discovered three vectors of attack in these cameras that are marketed as cost-effective options in the market.
Details of the vulnerabilities
Out of the three vulnerabilities that were discovered, one is said to be of concern to the consumers.
- The first vulnerability, that is of limited availability, involves having physical access to the device. This flaw allows attackers to control devices by providing hard-coded credentials.
- The next flaw can potentially allow bad actors to launch man-in-the-middle attacks when the device is requesting for software update or network information.
- The last flaw, which is believed to be the most serious of the three, involves improperly sanitized network parameters that are passed to the camera.
What does this mean?
“In terms of the first flaw mentioned, which requires physical access to the device, this isn’t a major concern for everyday consumers. In order for an attacker to exploit this flaw, they need to be able to directly interact with the device for at least a few minutes. The most obvious attack scenario for this flaw would be some sort of insider threat — babysitters, house or petsitters, Airbnb guests, or anyone else with somewhat privileged access to your home,” say security experts.
They recommend monitoring the devices connected to the home network to prevent the exploitation of the disclosed flaws. As always, it is highly recommended that users update the devices to the latest versions available.
Researchers said that more details about these vulnerabilities, including how to spot compromised devices will be released soon.
Although IoT devices come with a number of useful features, the threats that accompany them are no lesser. Users must realize this and take necessary measures when opting for connected devices, especially at home.