Millions Of Xiongmai Video Surveillance Devices Can Be Hacked Via Cloud Feature (Xmeye P2p Cloud)

All devices from Xiongmai, a Chinese manufacturer of white-label video surveillance equipment, come with an always-on cloud feature called XMEye P2P cloud. This feature contains serious vulnerabilities that allow attacks on millions of devices, even ones that are behind firewalls. The SEC Consult Vulnerability Lab is using the results to improve the automated analysis by IoT Inspector. The P2P Cloud feature allows remote connections into private networks and effectively allows attackers to attack devices that have been intentionally exposed.”]

Source: https://sec-consult.com/blog/detail/millions-of-xiongmai-video-surveillance-devices-can-be-hacked-via-cloud-feature-xmeye-p2p-cloud/

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text