Mass P2P Video Surveillance Vulnerability Impacts Millions (ThroughTek)

By Sean Patton, Published Jun 21, 2021, 08:40am EDT

P2P has become a major alternative to the insecurity of port forwarding, but one of the most widely used providers (ThroughTek, whose customers have included Swann, Foscam, Wyze, and many more) has been found to have a massive vulnerability in its widely used SDK.


In this report, we explain the vulnerability, identify which companies use its P2P platform, examine the impact, and describe how the vulnerability is fixed, including feedback from ThroughTek.

Attack *******

*** ************* ****** ********* to ******** ****** ***** and ***** **** *** Internet, **** * **********-******* NVR ** ******. ** was ***** ** **********'* SDK (********* *** *** versions ** ** *** including ******* *.*.*.), ***** prior ** *********, *** not ******* ********* ************** between ****** ******* (*.*. NVRs, *******) *** ********** P2P ******* *******.

******** ******** ******* **************** *** ************* ***** in * ***** *****-***** viewing ****** ********** ******** that ******** ******* *** vendors:


******* *** *** *** configured ** *** * fixed ***, ****** **** a ******** ****** *** exchange, ****** *****:

***** **** ******* ********* the ********, ** ******** that ** **** ** access ** *** *********** the *****/***** ******.

*** ********* ** * proof-of-concept ****** ** *********, which ************ **-***-*** ******* from *** ******* *******. The ****** ******** **** XYEU ** *** *** that ******** ********** * device ** *** *** network.


****** **** ***** **** while ** ******** *** try ** ****** *** traffic ** ********** *******, because ******* **** *** the ******* *** *** a ****** *** ********, identifying ***** ******* *** vulnerable ******** ** ***** step.

*******, **** ******** ********** in ******* ******* ***** SDK ********, ******:

******* ******* * ****** running *** ***** ******* of *** ******** ****** to ** * ****** challenge **** ******* *** vulnerability.

Impacts ******** ** *******

**********'****** *.*** ******** ** * platform ********* *** ***+ SoCs **** **+ ************* (such ** ***** ** HiSilicon ** *********) **** are **** ** *** IoT *** ************ **********, including ************, **** **********, smart ****, *** ***** retail.

********** ********* **** ******* traffic ******** ******* ******, Swann, *** ****. ********** also ****** **** ***** Wireless, *****, **********, *********, HP, *****, ***** ***, HP, *******, ********, *******, Xiaomi, *** ******* ** past *********, **** ******** ** ****. *********** ***** ** these *********' ********** *********** are ********** ** ********* and *******.

** ***** **** ** they **** ****, ** still ***** * ********** version ** ********** ***, but **** *** *** respond. ** **** ****** the ****** ** **** do.

Encryption *******, *** ********

*** ******* ********* ********* is * ********* ****** the ****** ******** **** they ***** ******** ******** layers ** *** ** end ********** *** *****-****** authentication:


*******, **** ***** **** ThroughTek *** *** ******* the *** ** ********** of *** *********, ***** caused *** *************. **** said **** **** ******** education *** ********* ** use ***** ****** ** a **** ****** ******:

** * *** ******** provider, ** ************ ********* sufficient ******** *** ***** service ** ******* ****** security ********* ** ***** in *******, **********, *** client ***. ******** ** cannot ***** **** ***/******** that ********** **** *** in *** ***, **** will ******** *** *********** training *** **** **** our ********* *** ** correctly ** ***** ******* security ******.

SDK / ******** ****** ********

*** ********* *** ********** and *** ********* ** millions ** ******* **** firmware *******, ***** ********** challenging *** ***** ******* that ****** ** ******* remotely ****-***-***.

** ****, ******** ******** are ******** ** ****** in * ****** ******* due ** *** ****** of *** ********* ** these ***-**** *******; **** do *** ******** ******* contracts, *** ********* ***/****** systems **** ******* ********* of ************* ******.

Critical ************* *******

****************** ** ********** *** responsibly ********* *** ************* to ********** ** ***** 2021. *** ************* ** currently ****** ** ***** CVE ******* ******* ******** details:***-****-*****.

*** ************* *** ***** a **** ** **** score ** *.* *** to *** **** ** access ** ****/******** ***** and *****, ****** *************, the *** ********** ** the ******, *** ** credentials ** ******** ********. The **** ****** ****** is (**:*/**:*/**:*/**:*/*:*/*:*/*:*/*:*).


**** ** * ****** attack, ******* ** *************** such *******'* ********* ************* ************ ************* **** **** ******* simple ****/*********** ********* ** attack.

ThroughTek ********


****** ***** ******* ***,************* *********** ** ****** in ****. **** *** a ***** ********** ******** in *** ***/***** ****** and ***** ************ **********. In ****, **** ******** the ***** ********, ***** is ******* ** **** vulnerability.

********** ** * ******** company, ** ****, **** do *** ******* ******** devices *** **** **** hardware ************* *** ****/********** to ********* ******** ******** of ******** *** ******** development.

ThroughTek ****** *********

**********'************* ** *** ********************* **** **** ********* were ** ***** *** incorrectly ***** *** ***, or ****** ** ****** updates:

******** ********** **., ***. (hereinafter ******** ** ** TUTK) *** ********** **** customers *** *********** *********** our *** ** **** disregarded *** *** ******* updates.

***** ********** ** ********** responsibility *** *** *************, they ******* *** ****** to ********* *** *** in ** ********* ******, which ***** ********* *** because ** *** ******/****** less ******** *** ******* cameras.

********** **** **** **** been ********* ********* ** upgrade *** ***, *** older ******** ** *** support ****-***-*** ** ****** over-the-Internet ********:

*** *** **** ***** years, ** **** **** informing *** ********* ** upgrade ***** ***. **** old ******* **** *** function ***** ***** *** FW ******* **********. ** addition, ** **** ********* that ***’* **** ** enable *** **** ******* it ***** **** **** the ********** ************* *****, therefore *** ******** ** upgrade. **** ******** *** with ********* ***** *** API *** ******* ***********, we ** *** ****** and ******** *** ********* for ** **********

ThroughTek ***** ***** **** ****

***** ********** *** *** publicly ******** *** ************* until ** *** *********** forced ** *** **** and ****** *************, **** posted ****** **** ****** ***** **, ****, instructing ********* ** ****** Authkey *** **** ******** features, *** ** ***** out:

*** ******* ********* ******** another ***** ** *** connection **********. ***** ******** the ******* *********, *** P2P ******* **** **** to ***** ******* **** peer ** * ********** provides *** **** ******* before **** *** *** up * **********. ** enabling ****, **** ******** will ** ********. ** encourage *** ********* ** implement ******* *** ****. If *** **** ****, please **** **** ** contact **** ***** ***************.

** **** *****, ********* to ******, ********** *** aware ** *** *****.

Nozomi ********

****** *** *********** ** California ** ****, ** co-founders*** ****** ************* ****** *******, **** **** ****** backgrounds ** ******** *** hardware **** ********. ****** offers ************* ******** *** monitoring ******** *** ******* for ************* *** *****, and ****** ******* ****** detection.

************, **** ******* ****** Network ****, ***** ***** the ********** *************, *********** * ******* *** camera *************. **** ****** **** their *** ******** ******* for ****** **********:

** ****** ******** ** have * ********** ******** of ******* **** ***** our *** ***********, **** PLC ** *** ** medical *******. **** ** receive * *** ******, one ** *** ***** activities ** ** ** analyze *** ******* *******.

Comments (3)

** **** ** *********** to *** ** **** will **** *******. ***** is ******* ***** **** a ******* *** ********** issues **** ** ******** the ******** ** ***** products.

* **** ********** **** a ******* ***** ** prepare * ********* *** investigate *** ***** ******* of **** ******** *** the **** *** ******* out ********* ***********.


****, **** ** * difficult *** ** ******* because *** **** * valid *** ** *******.

** ****** ******:

** *******, *** ***** that *** ****** *** network ******* ******* *** NVR *** *** *** user, ********* *** *** third-party ****** ******** ** some *********, ***** ****** and **** ************ *****/***** streams.

** *** **** * way ** ***** ***** party ******* ** * non-public ******* ** *** a ***.

*** **** ** * far *** **** *** mentioned ***** ****-***** ********, which ******* ****** **** anywhere ** ******** * camera *** **** ******* it ********.
