A vulnerability detected in Amazon doorbell cameras made it possible for hackers to gain access to the owner's household computer network.
The weakness in the Ring Video Doorbell Pro IoT device was discovered by researchers at Bitdefender in June of this year. Researchers found that the credentials of the local wireless network were being sent through an unsecured channel using plain HTTP during the doorbell's setup process.
By exploiting the flaw, an attacker physically near the device could get hold of the doorbell owner's Wi-Fi password and use it to interact with all the devices in the owner's household network.
With the ability to communicate with devices such as security cameras and NAS storage devices, an attacker could access and steal private photos, videos, emails, and documents. It would also make it possible for an attacker to mount man-in-the-middle attacks.
According to Bitdefender chief security researcher Alexandru “Jay” Balan, the vulnerability could even have allowed a particularly determined hacker to gain physical access to a property.
Balan told Infosecurity Magazine: "With access to a user's Wi-Fi password and, implicitly, access to the user's home network, there's a lot that can be done since devices are less secure on the inside.
"It's possible that someone could hack a local system that can output sounds (like a computer or a sound system) and make it say 'Alexa, open the front door'; however, this is admittedly a stretch."
The video doorbell is an immensely popular home security device, with almost 17,000 reviews and more than 1,000 answered questions on the Amazon.com website.
Bitdefender disclosed the vulnerability to Amazon on June 24. Amazon began implementing a fix on September 5, and as of now, all Ring Doorbell Pro cameras have received a security update that fixes the issue.
This isn't the first time Bitdefender has found flaws in a security device.
"We uncovered vulnerabilities in Guardzilla indoor security cameras last year that showed significantly bigger issues," said Balan.
"There's no escaping someone finding security flaws in your products, no matter who you are."
Worryingly, more than half of vendors alerted to vulnerabilities in their products take no action to resolve them.
"We actually appreciate Ring's response. They deployed the patch quickly," said Balan.
"In more than 60% of the notifications we have sent to vendors we have received no response whatsoever."