Reported by Bitdefender researchers, an existing vulnerability in Wyze Cam surveillance cameras allows clandestine access to the footage and possibly its publication on various sites specializing in pornographic content.
Bitdefender IT security specialists have identified vulnerabilities in the Wyze Cam home surveillance camera, also available in Romania. By exploiting these security vulnerabilities, attackers can access camera footage or run dangerous code to gain full access to the device.
The investigation confirms that the attackers may have similar rights over the camera to those of the rightful owner, meaning access to the video feed or recordings.
The main findings:
Instructions received by the device may exceed its memory due to an omission by the manufacturer. Attackers can take advantage of this and add their own code, which allows access to the camera feed and / or the injection of dangerous code.
Attackers can interfere with the communication between the camera and the server to which it is connected, which allows them to bypass the connection and authentication process.
Attackers can gain unauthorized access to the contents of the SD card attached to the camcorder.
User recommendations:
Bitdefender experts urge users to install the available security updates immediately. Owners of the first generation camera, which has been taken out of production, are advised to stop using it immediately, as it is not possible to fix the reported problems.
Before you buy your device, read the product reviews and find out what other users think of how it works. Check how often the manufacturer sends updates and its reputation for cybersecurity.
Update your smart device with the latest firmware version available.
Make sure that all devices have complex passwords or that the original passwords have been changed.