Researchers have found a security flaw in a Swann security camera that allows attackers to spy on the video and audio feed of anyone’s camera. All the attacker needs to know is the serial number of a camera whose feed he wants to access, but that’s also not a problem, you can guess a random one !
Researchers found the problem after the BBC reported a case where one customer had received another’s recordings.
By altering the serial number, the researchers were able to obtain video feeds from other cameras – something they tested by typing in numbers belonging to other cameras that they had bought.
Swann have said that the vulnerability was limited to one model – the SWWHD-Intcam, also known as the Swann Smart Security Camera – which first went on sale in October 2017. Retailers including Maplin, Currys, Debenhams, Walmart and Amazon have sold them.
Swann and OzVision – the Israeli provider of its cloud tech – said the issue had now been fixed.
You can read a full investigation report here.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.