Vulnerability affects over 80 different camera models
Today some associates at Sec Consult found 2 different back doors in SONY IP Cameras. Sony
has responded, but be sure to update your firmware on all your cameras immediately. This is
a severe vulnerability that can lead to takeover of the camera and then access to your network.
“SEC Consult has found a backdoor in Sony IPELA Engine IP Cameras, mainly used professionally by enterprises and authorities. This backdoor allows an attacker to run arbitrary code on the affected IP cameras. An attacker can use cameras to take a foothold in a network and launch further attacks, disrupt camera functionality, send manipulated images/video, add cameras into a Mirai-like botnet or to just simply spy on you. This vulnerability affects 80 different Sony camera models. Sony was informed by SEC Consult about the vulnerability and has since released updated firmware for the affected models”
Detailed info:
http://blog.sec-consult.com/
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20161206-0_Sony_IPELA_Engine_IP_Cameras_Backdoors_v10.txt
https://krebsonsecurity.com/2016/12/researchers-find-fresh-fodder-for-iot-attack-cannons/
Other posts that might interest you
Vulnerabilities in WiFi Cameras
Inexpensive WiFi cameras are widely available over the internet. That might sound compelling, but it's important to understand their security holes and the risk they bring to your network. Pierre…
March 14, 2017
The 4 Cyber Security Risks for Video Monitoring Centers
Video Monitoring Centers are taking unnecessary cyber security risks daily just by working with video surveillance providers that are not cyber secure. But just because the video surveillance market stays…
November 2, 2017
Devil’s Ivy Update
In July 2017, cyber security researchers discovered a serious flaw, which they named “Devil’s Ivy”, that exists in nearly all cameras supporting the popular ONVIF specification. The flaw allows hackers…
August 8, 2017