Kaspersky Lab found a flaw in smart camera that allow hacker to see what it was seeing

Recent Kaspersky Security Analyst Summit, Vladimir Dashchenko, head of the company’s vulnerability research team, said that they discovered 13 critical security holes in the popular Samsung SmartCam series surveillance cameras.

Relevant data show that the Samsung SmartCam series surveillance camera was originally developed by Samsung Techwin. In 2014, Samsung sold its division to Hanwha Group and later changed its name to Hanwha Techwin. However, the SmartCam series produced by the company is still named after Samsung.

According to Kaspersky, these vulnerabilities involve several aspects, from the use of insecure HTTP communication protocols to the weak protection of certificates. Successful exploitation allows an attacker to do whatever he wants to do, including using it to mine cryptocurrencies.

Dashchenko explained that they only tested the Samsung SNH-V6410PN/PMW camera in the study. This camera is usually used for security monitoring by ordinary home users or small business users and is mainly sold to South Korea and Europe.

Kaspersky’s ICS CERT team pointed out that during the course of their research, they discovered that at least 2,000 V6410PN cameras have publicly accessible IP addresses. However, they believe that the actual number of vulnerable cameras may be higher.

Dashchenko said that for the 2,000 cameras, they can perform various operations on them. For example, the content photographed by the camera is tampered with so as to present the user with a fake real-time image.

Not only that, Dashchenko also emphasized that although they only tested the V6410PN camera. However, they have reason to believe that these vulnerabilities will also affect all of the company’s other camera products connected to cloud servers. Because the same as the V6410PN camera, Hanwha’s other camera products will also be connected to the same cloud service platform, and there are four vulnerabilities in the discovered 13 vulnerabilities related to this cloud service platform.

The other nine vulnerabilities exist in the camera firmware, but the attacker can fully implement the attack through the cloud platform, which means that they do not need to be close to the affected device itself when launching the attack.

The most serious situation is that an attacker can exploit the vulnerability to crack the user’s certificate and use the controlled device as a “springboard” to perform other attacks on the devices that share the same local network. This can lead an attacker to remotely download and execute arbitrary malicious code, steal personal data from users, disable cameras remotely (denial of service attacks), and so on.

Kaspersky Lab stated that they had reported these flaws to Hanwha in December last year, most of which have been fixed. Dashchenko also stressed that they have not seen these flaws exploited in actual attacks.

Source: CNET