Cisco Talos is disclosing multiple vulnerabilities in the Anker Roav A1 Dashcam and the Novatek NT9665X chipset. These vulnerabilities could be leveraged by an attacker to gain arbitrary code execution on affected devices. The Roav Dashcam is a dashboard camera that allows users to connect using the Roav app for Android and iOS so that the users can toggle settings and download videos from the dashcam, along with a host of other features. In accordance with our coordinated disclosure policy, Cisco worked with Octaviak to ensure that some of these issues are resolved and that an update is available for affected customers. However, we were unable to contact Anker, therefore, the vulnerabilities remain unpatched.”]
Source: https://blog.talosintelligence.com/2019/05/vulnerability-spotlight-multiple.html