Researchers from Kaspersky Lab ICS CERT discovered a wide range of severe security vulnerabilities that could turn a popular smart camera into a surveillance tool for someone else.
This specific model of camera is pimped as doubling as a baby monitor in addition to being used for “general security purposes” in homes and offices. Yet the 13 critical flaws could allow attackers to remotely take control of the cameras to do the following: access video and audio feeds, remotely “brick” the devices, use the cameras for mining cryptocurrencies, and use the cameras as an entry-point to launch attacks on local and external networks.
Samsung devices affected
The vulnerabilities were in HanWha Techwin’s SNH-V6410PN/PNW security cameras. While you may not have heard of Hanwha Techwin, you have definitely heard of Samsung. Kaspersky explained: “These problems exist not only in the camera being researched, but all manufacturers' smart cameras manufactured by Hanwha Techwin. The latter also makes firmware for Samsung cameras.”