Triple Flaw in Nest's Dropcam Opens the Door to Burglars

Three vulnerabilities in Nest’s Dropcam and Dropcam Pro security cameras have been discovered by Florida-based security researcher Jason Doyle that could allow an attacker – or in this case, a tech-savvy burglar – to stop the cameras from recording.

Affecting firmware version 5.2.1 and with no patch currently being released by the manufacturer, the researcher strongly believes a burglar could leverage these vulnerabilities and cause the cameras to stop recording while he breaks into the house.

The first vulnerability involves using the camera’s Bluetooth Low Energy (BLE) – always on by default – and pinging Wi-Fi SSID with a really long parameter. This causes a buffer overflow in the camera and prompts the device to crash and reboot. The second vulnerability also involves a buffer overflow crash, but this time caused by an overly long Wi-Fi password.

“It’s possible to trigger a buffer overflow condition when setting the SSID parameter on the camera,” reads the researcher’s post. “The attacker must be in bluetooth range at any time during the cameras powered on state. Bluetooth is never disabled even after initial setup.”

The third Dropcam vulnerability involves a Wi-Fi association attack, forcing the camera to disconnect from its Wi-Fi network and join a rogue or potentially non-existent Wi-Fi network. After a 90-second pause, the Dropcam will try to connect to the previously known Wi-Fi network to resume its activity.

Because the smart camera has no offline footage storage capabilities, this attack would give a burglar a window of opportunity to sneak into the house. Considering the attack could be repeated indefinitely, the burglar would have a lot more than 90 seconds to move about the house, without fear of being recorded.

“It’s possible to temporarily disconnect the camera from Wifi by supplying it a new SSID to connect to,” noted the researcher. “Local storage of video footage is not supported by these cameras so surveillance is temporarily disabled.”

Although reported in to October, the vulnerabilities have not yet been patched, meaning that any tech-savvy burglar could leverage any or all of these vulnerabilities to break into any home with a Nest Dropcam. Users are strongly encouraged to apply the security update as soon as it becomes available.

Photo credit: Tookapic for Pexels