API security

Doorbell camera vulnerabilities enable hijacking


Widely available EKEN, Tuck, and other doorbell cameras manufactured by Chinese firm Eken Group were discovered by Consumer Reports to be impacted by several significant security flaws that could be leveraged to achieve unauthorized footage viewing or device takeovers, The Associated Press reports.

Threat actors could exploit the flaws to establish an account on the device-controlling Aiwit app and facilitate pairing with another device to allow still image or footage access, as well as prevent owners' access to the devices, according to Consumer Reports, which also noted the absence of Federal Communications Commission-required registration codes in certain Eken Group doorbell cameras. Both Walmart and Temu have already halted the sale of the doorbell cameras following advice from Consumer reports but the devices are still being sold online by Amazon, Shein, and Sears. Such findings have prompted Consumer Reports Director of Tech Policy Justin Brookman to call for more extensive vetting of products' security among major e-commerce sites.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.