The 2022 Pwnie Nominee For Most Epic Fail

HiKam – “Hi – I’m (not) your Kam”

Researcher Names: Gerhard Hechenberger, Steffen Robertz

Vendor: HiKam

There is just not enough space left here to describe how much “HiKam” failed to protect their “security” camera devices. Seven of nine critical vulnerabilities: the Borg would be proud of HiKam. Gaining admin access just by adding “admin” as a cookie flag… don’t ever run those devices on your spaceship! But it gets worse: the whole “security” camera armada in the cloud can be hijacked completely by stacking some nice protocol deficiencies together with spoofing and weak crypto. No user interaction required; the Borg collective will now take over.

To make things worse, the vendor just did not bother and went silent. COVID-19 and the SoC shortage (?!) were the lame excuse for not fixing the firmware(!) issues.

Blog post with heat maps of all devices that could be hacked world-wide:
https://sec-consult.com/blog/detail/hikam-hi-i-am-not-your-kam/

Technical advisory: https://sec-consult.com/vulnerability-lab/advisory/critical-vulnerabilities-in-hikam-high-infinity-technology/