The popular Samsung SmartCam security cameras contain a critical remote code execution vulnerability that could allow hackers to gain root access and take full control of them. The vulnerability was discovered by researchers from the hacking collective the Exploiteers (formerly GTVHacker), who have found vulnerabilities in the Samsung SmartCam devices in the past. IT security experts from Tripwire and AlienVault commented below.
Craig Young, security researcher at Tripwire:
“While this flaw by default would not directly allow attacks from the Internet suitable for something like Mirai, it would be pretty trivial to use CSRF to infect devices on home networks.
It is always disappointing when a vendor eliminates features rather than fixing vulnerabilities as was the case in this camera.”
Javvad Malik, security advocate at AlienVault:
“This vulnerability highlights the difficulty in securing IoT or smart devices, even for large manufacturers.
It shows that finding issues in devices is one thing, but fixing them is another. It’s typically not so easy to push out updates or fixes to smart devices, and when they do get sent it doesn’t always achieve the desired result.
There is also the balance of how updates will work. Many devices don’t have an interface that can inform the user of an update. So updates can occur at inopportune moments, and such devices become unusable for the duration of the upgrade.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…