Hackers can exploit the bug in surveillance cameras to tamper with footage

[ Nov 30, 2018 ]

Researchers have discovered a vulnerability in Nuuo surveillance cameras which can be exploited to hijack these devices and tamper with footage and live feeds.

On Thursday, cybersecurity firm Digital Defense said that its Vulnerability Research Team (VRT) had uncovered a zero-day vulnerability in Nuuo NVRmini 2 Network Video Recorder firmware, software used by hundreds of thousands of surveillance cameras worldwide.

The software is used in a variety of the firm’s surveillance camera products. Based on Linux, the solution supports NAS storage and is able to monitor up to 64 live video channels.

The vulnerability is an unauthenticated remote buffer overflow security flaw which can be exploited by attackers execute arbitrary code on the system with root privileges. Not only could threat actors harness the bug to access and modify camera feeds & recordings, but also to change the configuration and settings of cameras.

Cyber Security Tips:

– NVRmini 2 firmware version 3.9.1 and prior is vulnerable to exploit. Nuuo responded quickly to the researcher’s disclosure and has released a patch which resolves the issue. The fix can be  downloaded here.


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: