ADI Hides Dahua Relabeled Capture Camera Critical Vulnerability [Now Issues Notification]
By Ethan Ace and Rob Kilpatrick, Published Oct 08, 2021, 09:12am EDT
ADI's Dahua-relabeled Capture cameras are vulnerable to a critical vulnerability, IPVM has verified. However, ADI has not notified users nor posted instructions to patch them plus ADI management refused to respond to IPVM.
In this report, we examine the details of these vulnerabilities, proof of concept showing they are vulnerable, response from ADI management and tech support, and how relabeling impacts cybersecurity.
Update, more than 3 months after Dahua was informed and a month after Dahua disclosed publicly, ADI has issued a statement copied primarily from Dahua's statement: