Swann's home security camera recordings could be hijacked ( FLIR also )

Discussion in 'Cyber Security' started by mat200, Aug 1, 2018.

Share This Page

  1. mat200

    mat200 IPCT Contributor

    Jan 17, 2017
    Likes Received:
    Swann's home security camera recordings could be hijacked
    ( FLIR also.. )

    The intercepted messages included a reference to a unique serial number given to each camera in the factory.

    By altering the serial number, the researchers were able to obtain video feeds from other cameras - something they tested by typing in numbers belonging to other cameras that they had bought.

    At no point were they required to type in the other accounts' usernames and passwords."

    "..the researchers discovered that a US-based security consultancy had previously flagged a similar issue with another brand supported by OzVision - Flir FX.

    Despite Flir having been told of this a year ago, Mr Munro's team found it was still able to hijack feeds in a similar manner to the way it had done with Swann's kit."

    bigredfish and fenderman like this.
  2. alastairstevenson

    alastairstevenson Staff Member

    Oct 28, 2014
    Likes Received:
    Yes, another example of dumb coding, and ineffective code reviews.

    Every time I hear of one of these vulnerabilities, and it gets fixed and closed off, I imagine the security services backroom folk sighing a bit and opening their filing cabinet to pick out the next vulnerability from their collection to use instead.
    fenderman and mat200 like this.