Security researchers have found a critical vulnerability in Linux-based Sony IP cameras. The security flaw that has so far reportedly affected as many as 80 camera models lets an attacker execute malicious code and even hijack the vulnerable cameras.
Cybersecurity firm SEC Consult has brought the discovery of the backdoor access on select Sony IP cameras that helps attackers convert the compromised camera into a botnet. The attackers can leverage the camera as a slave node for malicious activities. Further, the serious flaw opens possibilities of DDoS attacks, similar to what was found with the Mirai botnet previously.
According to the researchers, the vulnerability is found in Sony IP cameras based on its IPELA Engine. It silently gives the attackers backdoor access to remotely enable Telnet/SSH service. Root access to a Linux shell can be established after switching on the security service and physical access to the device can even help the attackers leverage serial ports to exploit it.
In many cases, the web gateway of these IP cameras is accessible. The makes it easier to remotely infect the camera.
The published report says that the backdoor was presumably developed by Sony’s in-house team to debug the device during development or testing. But it could breach the surveillance security through a malicious reach.
Sony was informed about the finding by the researchers’ group at SEC Consult in November. Moreover, a firmware update has recently been released for some of the models to fix the issue.