Ever since the dawn of Internet of Things (IoT) revolution, researchers have been calling out the security of these devices to be lacking. And the IoT-based Mirai botnet, which can source up to a TB of bandwidth, has already proved their point. But smart home device makers are still aloof and haven’t patched the security vulnerabilities.

Now, the researchers at cybersecurity firm SEC Consult have found a backdoor vulnerability in Sony IPELA Engine IP Cameras. This vulnerability affects over 80 camera models, which are mainly used by enterprises and authorities. The band of researchers termed this exploit as critical.

This backdoor on the affected sony IP cameras enables any attacker to execute an arbitrary code remotely and take a foothold in the network to hijack other vulnerable IP cameras. They could also disrupt the camera functionality, send manipulated images/video, spy on users and add these cameras to a Mirai-like botnet as a slave node – which might be used in a future cyber attack.

The vulnerability primarily allowed the attacker to enable Telnet/SSH service remotely using the two set of passwords – one of them is the hard-coded admin credentials and the other being the root account. It was discovered that these credentials could be used to take control of the camera over Telnet very easily. Based on its cryptographic hash, the password is static but hasn’t been cracked by the researchers themselves.

SEC Consult reported the vulnerability to Sony back in October and it released a firmware update for its IP camera towards the end of November before the research was made public. The release, however, adds that researchers are of the opinion that Sony intentionally placed the vulnerability but it has declined to comment on the purpose or nature of this backdoor.

We believe that this backdoor was introduced by Sony developers on purpose (maybe as a way to debug the device during development or factory functional testing) and not an “unauthorized third party” like in other cases,

reads the blog post.

Leave a Reply

Your email address will not be published. Required fields are marked *