A critical vulnerability affecting tens of millions of digital video recorders powering baby monitors and CCTV systems across the world has been uncovered by Mandiant, which claims the vuln allows for unauthorised viewing of live camera footage. The vuln exists in Chinese IoT vendor ThroughTek’s Kalay communication protocol, the researchers claim, adding that malicious users could exploit the vuln to remotely access victims’ DVRs.
Read full article on The Register