According to Synology, this security flaw affects the company's BC500 and TC500 Camera lines.
These are two AI camera lines launched in the Vietnamese market in March 2023. These vulnerabilities were discovered during the Pwn2Own 2023 cyber attack competition, which could allow hackers to execute arbitrary code remotely and bypass security restrictions in the firmware of the BC500 and TC500 lines.
These vulnerabilities were identified in BC500 and TC500 Camera versions 1.0.7 and earlier. Details of the vulnerabilities have not been disclosed by Synology.
Users are advised to update the firmware to the latest version.
The Taiwanese tech giant has released updates to address these critical vulnerabilities. Users are advised to upgrade their devices to the latest versions immediately. In addition, Synology also recommends taking measures to protect their camera devices, including changing the default password to a strong and unique password, disabling unnecessary services and ports on the camera, periodically checking and updating the firmware, and implementing layered security measures including network layer and access control.
The BC500 and TC500 surveillance cameras feature AI analytics and integrate seamlessly with Synology's Surveillance Station camera management system. Both are IP67 dust and water resistant, have night vision up to 30 meters, and multi-exposure HDR, making them suitable for indoor and outdoor use. On the AI side, both cameras feature human and vehicle detection, intrusion detection, and an Instant Search feature that identifies potential threats, as well as tracking and retrieving relevant footage.
Source link
Comment (0)