​

Security researchers have discovered that a number of 80 Sony IP camera models come with backdoors that could be used by attackers to spy on users or launch further attacks.

SEC Consult says that it reached out to Sony to report the issue in October and the company already released new firmware updates that patch the vulnerability. The researchers, however, believe that Sony added the backdoors on purpose “maybe as a way to debug the device during development or factory functional testing,” and the backdoors are not the result of an infection.

They, however, state that they discovered two different vulnerabilities, one of which affects the web interface which allows an attacker to connect to a camera with a Telnet service.

The second flaw makes it possible to compromise the root account, which means that an attacker who carries out a successful exploit would gain full control over a camera and can spy on users, disrupt functionality, add the device to a Mirai botnet, or send different photos and videos.

Hackers could break in from the intranet or Internet

The IP cameras that come with these backdoors are primarily aimed at businesses, and Sony urges everyone to deploy the new firmware updates to remain secure.

“SEC Consult recommends Sony and Sony customers to conduct a thorough security review of the affected products. It is essential to restrict access to IP cameras using VLANs, firewalls etc. Otherwise the risk of being a botnet victim (e.g. Mirai) is high,” the security report states.

According to the original advisory, a hacker could take advantage of the backdoors using either a local network or a web connection, as long as these cameras can be accessed online.

You can refer to the box below to see the Sony IP cameras that were confirmed to come with a backdoor, and use this link to download the new firmware versions.

Sony has already acknowledged the security vulnerability and said that “we are grateful to SEC Consult for their assistance in enhancing network security for our network cameras.”