CANCUN, Mexico – Tech firm Hanwha Techwin is racing to fix 13 critical security holes found in its popular line of SmartCam security cameras. The patch rollout is part of public disclosure of the vulnerabilities set for today by researchers who discovered the bugs.
Flaws range from the use of an insecure HTTP communications protocol to a weak protection of credentials that could allow an attacker to take control of the camera or even use the device as a springboard to launch attacks within a connected network.
Kaspersky Lab researchers disclosed the vulnerabilities Thursday and coordinated with the device manufacturer who said it was in the process of deploying patches to fix firmware used in its Hanwha model SNH-V6410PN/PNW SmartCam security camera.
The model camera in question is used by both consumer and small business and is sold primarily in South Korea and Europe. According to Kaspersky’s ICS CERT team over 2,000 of the cameras have publicly accessible IP addresses. However, they believe the actual number of V6410PN cameras vulnerable to attack is likely higher.
....
....
....
....
