According to a BBC report, thousands of the firm’s cameras have a vulnerability allowing anyone on the Internet to hook up to its feed and peer into the homes of others.
Indeed, such an intrusion into one’s home by outsiders could be deeply embarrassing, especially if you’re caught with your pants down, so to speak.
So what exactly is happening here? Well, according to the BBC, it was tech site The Verge that first happened upon the camera flaw last month through a blog called Console Cowboys.
It was discovered that anyone going to the net address of a camera feed could watch the video stream without needing to enter a password. There’s even a way of using a search engine to identify cameras with the vulnerability.
On top of that, some message board sites have been posting links to more than a thousand feeds, allowing anyone who clicks on them to join the network.
Apparently the security breach was made possible by a coding error that was introduced back in 2010.
Zak Wood, Trendnet’s director of global marketing, told the BBC, “As of this week we have identified 26 [vulnerable] models. [In] seven of the models, the firmware has been tested and released.”
Wood continued, “We anticipate to have all of the revised firmware available this week. We are scrambling to discover how the code was introduced and at this point it seems like a coding oversight.”
On Tuesday, the California-based company put up information on its website relating to the security flaw.
“We recently became aware of a vulnerability with several Trendnet SecurView IP cameras purchased since April 2010,” the company said. “Trendnet’s security team understands that video from some Trendnet IP SecurView cameras may be accessed online in real time. Upon awareness of the issue, Trendnet initiated immediate actions to correct and publish updated firmware which resolves the vulnerability.”
The webpage listed all of the camera models that could potentially have the vulnerability and provided a link to new firmware for the affected cameras. It added that it is “working to publish all outstanding firmware within the next 48 hours.”
News of the vulnerability will no doubt come as a big shock to owners of the affected devices, many of whom will now be wondering just what snoopers may have been able to see since news of the flaw began doing the rounds on the Internet.
Trendnet was founded in 1990 and sells its products in more than 125 countries around the world. Its motto is, ironically enough, “networks people trust.”
- Blizzard patches security hole to block hackers from sending fake updates
- Having problems with your Xbox One? We have some possible solutions
- Google found another critical security flaw in Microsoft Edge
- Common iOS 11 problems and advice on how to handle them
- Intel requests hardware partners to halt Meltdown patches due to reboot issue