A recent study made by Nozomi Networks, a security company that offers solutions for IoT products has discovered that millions of connected cameras are on the verge of being hijacked by cyber crooks through a vulnerability.
Security researchers say that the flaw is related to software component used in cloud surveillance platform ThroughTek that is used by OEMs while manufacturing IP Cameras, baby monitoring cams and pet monitoring solutions along with robotic and battery devices.
Technically, the flaw is related to a P2P SDK firmware that allows clients to monitor a video stream from a camera on a mobile or desktop app. And research says that hackers could exploit the vulnerability to fraudulently access or reconstruct a video/audio stream, thus allowing them to snoop on a remote cam user.
US Cybersecurity and Infrastructure Security Agency issued a warning recently and assigned a 9.1 score to the newly discovered P2P SDK vulnerability.
ThroughTek is blaming its developers for incorrectly configuring the firmware on IOT devices and not issuing a fix to the flaw on time. It is also urging its customers to update their products with the latest SDK version that was released in March 2021.
Note-The bug could allow cyber criminals conduct eavesdropping on video and audio streams and could also lead to device spoofing as well as its security certificate hijacking