At least two million internet-connected devices featuring the peer-to-peer (P2P) communications technology iLnkP2P contain two major security flaws that could allow malicious actors to discover the products online, snoop on them and hijack them.
Security researcher Paul Marrapese discovered the issue in hundreds of brands of security cameras, baby monitors, smart doorbells and digital video recorders. Affected brands include, but are not limited to, HiChip, TENVIS, SV3C, VStarcam, Wanscam, NEO Coolcam, Sricam, Eye Sight and HVCAM.
Developed by China-based Shenzhen Yunni Technology Company, Inc., iLnkP2P is designed to give consumers a hassle-free way to access their IoT devices remotely from a phone or computer by inputting a serial number known as a UID. However, the software was found to contain two key vulnerabilities, as Marrapese explains in a web page detailing his discovery.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.