Researchers from the Cisco Talos Intelligence Group have reported a discovery of no less than eight security vulnerabilities with one of the cameras in Nest’s line up. Said vulnerabilities can prevent the camera from being used or allow an attacker to take full control of the device remotely.
The Cisco Talos Intelligence Group consists of world-class researchers, analysts and engineers and is one of the worlds largest commercial threat intelligence teams in the world.
The camera affected is one of the highest end models and the most advanced internet-of-things device offered by the Google owned company, the Nest Cam IQ Indoor. The discovered vulnerabilities could not only give hackers full access and control of the camera, allowing them to watch all of the comings and goings in your house, but they could also use them to break into the network that the camera is attached to.
Two of the Cisco Talos researchers, Lilith Wyatt and Claudio Bozzato, uncovered the vulnerabilities and published the findings on the team’s public blog on the 19th August. The eight vulnerabilities that the pair found were based around the weave protocol, a toolkit used by some developers when building internet-of-things devices to help with communications.
Arguably the worst of the vulnerabilities involves a brute-force pairing attack. This attack can allow hackers to take full control of the camera by attempting different six-digit codes until they find the one that authorises the camera to pair. Although it may take up to a month of brute-force attempts, the six-digit code doesn’t change, even upon a reboot.
A firmware update has been pushed out by Nest to the affect models, Nest Cam IQ Indoor version 4620002. The version of your camera can be checked in the Nest app, but Nest says that the firmware update will happen automatically if your camera is connected to the internet.
When speaking to ZDNet, a Google spokesperson said:
‘We’ve fixed the disclosed bugs and started rolling them out to all Nest Camera IQs. The devices will update automatically so there’s no action required from users.’