Share:

Nest Camera Bluetooth Vulnerability Allows Hackers to Temporarily Disable the Unit

Share:

Connected security cameras convenient for monitoring your home while you are away, but having a connected device can also pose a security risk.

Nest’s camera line has been found to contain a Bluetooth vulnerability that would allow a hacker to force the device to reboot, disabling the unit for up to 90 seconds.

The vulnerability was first discovered last October by Florida-based security expert Jason Doyle, who reported the issue to Nest right away. The issue was ignored by Nest for several months before Doyle felt the need to make them public in hopes of pushing Nest to take action.

Doyle discovered a total of three different Bluetooth vulnerabilities. Before we can detail each of them we must define an important term. A buffer overflow occurs when a program attempts to put more data in a buffer (a block of memory) than it can hold. If this anomaly is not accounted for, the program will continue to write data into memory outside of the buffer, which can overwrite existing data causing the device to behave strangely.

The first is a Bluetooth-based buffer overflow attack via the SSID parameter and the second is a buffer overflow attack via the encrypted password parameter. Both of these vulnerabilities produce a buffer overflow in each of the given parameter fields, which causes the device to crash and reboot.

The third and final vulnerability is a Bluetooth-based Wi-Fi disassociation. Doyle found that is it possible to temporarily disconnect the camera from Wi-Fi by supplying git a new SSID to connect to. Local storage of video footage is not supported by these cameras so surveillance is temporarily disabled.

In this case, the camera dissociates from current Wi-Fi network to attempt association with the new SSID. The camera goes offline for approximately 60 to 90 seconds before reconnecting to the original Wifi network and resuming normal operation.

Before even thinking about why Nest did not check for buffer overflows, we want to ask why Bluetooth remains enabled after setup, even though it is never used. All three of these attacks are possible because of the device keeping Bluetooth enabled at all times.

If it’s not being used, Nest should disable Bluetooth after the initial setup is complete and also include some defenses for buffer overflow attacks.

Nest has released a statement claiming that they will be releasing a patch for the issue in the coming days. A full description and proof of concept for each vulnerability can be found on Doyle’s GitHub page.

[via Engadget]

Share:

  • klineberger

    I was without work for 6 months when my former Co-worker at last advised me to get started with freelancing from home… That was only just after I received $5000 in my initial thirty days when I actually believed I could do this for a living! At the moment I am happier than ever… I work from home and also I am my own boss now like I always wanted… I see so many discouraged people around me, working the same old boring job that is sucking the everyday life out of all of them day-after-day… Each time I notice someone like that I say START FREELANCING MAN! This is how I started off >>>> http://secure58­.­weebly­.­com

  • jacinto.feliciano

    I was paid 104000 bucks previous year by doing a web-based task moreover I was able to do it by w­orking in my own time f­o­r several hours during the day. I tried job opportunity I found out over the internet and also I am delighted that I was capable to earn such good money. It’s seriously newbie-friendly and therefore I’m so blessed that I found out regarding it. Read through what I do… http://time73­.­weebly­.­com

Deals