Various zero day vulnerabilities in home baby monitor could be compromised that lets threat actors hack into camera feed and put malicious codes like malware. The security issues were find in the IoT gadgets, made by China based developer Victure, that were found by BitDefender experts. In a security report, BitDefender revealed about the stack-based buffer flaw present in ONVIF server Victure PC420 component camera that allows hackers to plant remote codes on the victim device. When compromised, hacker can discover cameras (not owned by them) and command devices to broadcast camera feeds to third party and exploit the camera firmware. "When choosing a baby monitor, the security aspect should trump features or price point.This is because similar vulnerabilities have been used in the past by threat actors to directly communicate with children, thus exposing them to interactions with adults outside the family’s circle of trust," Daily Swig reports. As of now, Victure isn't aware about the complete attack scenerio, but it believes that the hacker could exploit the vulnerabilities and spy on residents using these cameras constantly or let other users do the same. Cloud users rely on using camera and cloud features and according to experts, around 4 million cameras across the world are impacted by the issue. The vulnerability impacts Victure PC420 firmware variants 1.2.2 and earlier. BitDefender released a report on the vulnerabilities after trying to contact Victure to inform them about the issues. BitDefender tried to make various attempts to get in touch with the company to offer them assistance to deal with the issues. The firm then decided to release a report on the issue to let users know about the v ..
Support the originator by clicking the read the rest link below.
