Many holes
The tech company is scrambling around in their sunny beach paradise trying to patch 13, yes, 13 critical holes in its very popular SmartCam security cameras.
The holes range from not using HTTPS to an embarrassingly weak method to protect user creds that could easily allow a Naughty Person to take control of the cam, or even use the cam as a way to get into a network and then launch a series of nasty attacks. Or just brick it if they felt like it.
Found by Kaspersky
Researchers from Kaspersky found the flaws and played nicely with Hanwha Techwin to give them a chance to patch their Swiss cheese camera.
IF you’re worried, it’s the snappily named model SNH-V6410PN/PNW that’s hole-ridden. It’s used by consumers and businesses and is flogged mainly in South Korea and Europe. Kaspersky said over 2,000 of the cameras have IP addresses that are publicly accessible. D’oh.
A patch has been rolled out.