Bitdefender researchers have recently uncovered an issue in Amazon’s Ring Video Doorbell Pro IoT device that allowed attackers physically near the device to intercept the owner’s Wi-Fi network credentials.
According to reports, the vulnerability can also allow a threat actor gain unauthorised access into the household network and potentially to other devices connected to it.
Here are Bitdefender’s findings:
Once in possession of a user’s WIFI password, an attacker has full access to the network (worth mentioning that security on internal network is really lax with many devices (such as Smart TVs) allowing interaction even without any authentication whatsoever). Examples of possible things an attacker might do without user knowledge:
- Interact with all devices within the household network;
- Intercept network traffic and run ‘man-in-the-middle’ attacks
- Access all local storage (NAS, for example) and subsequently access private photos, videos and other type of information
- Exploit all vulnerabilities existing in the devices connected to the local network and get full access to each and every device; that may lead into reading emails and private conversations
- Get access to security cameras and steal video recordings
How the vulnerability worked
During the configuration stage, the mobile app sends the Wi-Fi network credentials in plaintext to the Ring Video Doorbell Pro. This allows the hacker to sniff the packets and find out the sensitive data it needs to connect to the user’s WiFi. Worthy mentions:
- The attacker doesn’t need to know anything about the victim’s network and does not need to be associated with that WiFi access point. Sniffing WiFi packets broadcasted over unencrypted channels is standard in the WiFi RFC
- Attackers can trigger the reconfiguration of the Ring Video Doorbell Pro. One way to do this is to continuously send de-authentication packets, so that the device is dropped from the wireless network. At this point, the App loses connectivity and tells the user to reconfigure the device.
What the user needs to do
The device already received an automatic security update that fixes the issue. So, to be on the safe side Ring Video Doorbell Pro users can make sure they have the latest update installed and if this is the case, they’re safe.