Nearly 200,000 security cameras connected to the internet sport a security vulnerability that can allow hackers to control them remotely.
According to a report published by IT security company BitDefender, two flaws have been discovered in two cameras in Chinese manufacturer Shenzhen Neo Electronics’ NeoCoolCam range.
Researchers said that the two cameras, the iDoorbell model and the NIP-22 model, contain several buffer overflow vulnerabilities that could allow, under certain conditions, remote code execution on the device. This type of vulnerability is also present on the gateway that controls the sensors and alarms. BitDefender said that it had found between 100,000 and 140,000 devices when searching for the HTTP web server, and a similar number when searching for the RTSP server (both vulnerable).
“These are not necessarily the same devices, as some have only one service forwarded. We estimate that the real number of unique devices is around 175,000,” the report said.
Vulnerable cameras indicative of fragile IoT security
“A bug in the authentication mechanism allows a remote attacker to completely take control and run commands on the vulnerable devices and turn them into a zombie army ready to trigger the next Mirai or to become tools of mass surveillance in users’ homes,” said Bogdan Botezatu, senior e-threat analyst at BitDefender.
The report said that the proof-of-concept attack confirms once again that most Internet of Things devices are trivial to exploit because of improper quality assurance at the firmware level.
“Paired with the fact that the bug affects the authentication mechanism and the massive pool of affected devices, we can only imagine the impact a harvested botnet of devices might have,” the report’s authors said.
“If not taken care of, the weak state of IoT security increases the number of vulnerabilities and attack vectors which could soon massively affect users’ privacy and personal life,” the report warned.