IoT Bug Grants Access to Home Video Surveillance

A vulnerability in the Guardzilla All-In-One Video Security System, an IoT-enabled home video surveillance system, lets all users view one another’s saved surveillance footage due to the design and implementation of Amazon S3 credentials inside the camera’s firmware. Security researchers found the bug (CVE-2018-5560) during an event held by 0DayAllDay and reported it to Rapid7 for coordinated disclosure.

Read full news article on Dark Reading