keenfert.blogg.se

Wyze cam securityspy












My gut feeling: the guys at Ingenic (the company selling the CPU used in the cameras) made a kernel that works, released it, and never updated it.


It also means that they pushed more than a million products with outdated software out there! In 2018, Wyze reported they had sold more than a million cameras.


While it would be Ingenic's job to update the version of the kernel they publish, ultimately, it is Wyze which is selling the product, so it is their ultimate responsibility. Because no one here takes the time to regularly update the kernel, all customers are exposed to potential security issues. Wyze took it, made their products with it, and do the absolute minimum maintenance required.


Wyze, are you going to update the kernel you are using in your cameras, to a version which is currently maintained and does not have known security vulnerabilities? In addition to that, it seems like the BSP specific code of the Ingenic T20 CPU has not been committed to the upstream kernel repositories, and is likely not audited properly, so there may be more vulnerabilities. I downloaded the latest firmware available today for Wyze cam V2, version 4.9.5.111 released on March 18th 2020, and it still uses that kernel. Assuming Wyze did not backport security updates from more recent kernels, it would mean there are as of today 318 known security vulnerabilities in that kernel version, some of which I believe are exploitable remotely (I am not going to publish the details for obvious reasons). So even if Wyze still does firmware releases, they are based on this ancient kernel. Now, as to the Linux kernel, it is version 3.10.14. For example, one could look at the source file cmd_sdupdate.c to get an idea of the code quality. The code gives the feeling that it was developed in a hurry with no quality checking whatsoever, and no code reviews. There are many typos, "kernal" instead of "kernel", "earse" instead of "erase", and many others. Code is commented out everywhere, and there are comments such as this one: /* this is really not a good idea, but it's what the */


The code of the u-boot bootloader is full of hacks. Specifically, the code of the u-boot bootloader and Linux kernel, that Wyze had to publish because of the GPL. Long story short, I found myself digging into the public source code of the Wyze V2 camera.












