CVE-2021-3791

Vulnerability

An information disclosure vulnerability exists in some Motorola-branded Binatone Hubble Cameras. An unauthenticated attacker on the same subnet can download an encrypted log file that contains sensitive information, including the WiFi SSID and password [1]. The affected camera models are those covered by the Binatone security advisory, but specific version numbers are not provided in the available references [1].

Exploitation

An attacker must be on the same subnet as the vulnerable camera and have network access to the device. No authentication is required [1]. The attacker can directly access the log file endpoint over the network to download the encrypted file. While the log file is encrypted, the advisory indicates that it contains the WiFi credentials, implying that the encryption key may be known or the file is otherwise decryptable by the attacker [1].

Impact

Successful exploitation allows the attacker to obtain the WiFi SSID and password, leading to information disclosure [1]. This could enable further attacks on the network, such as unauthorized network access or compromise of other devices. The impact is considered high due to potential privilege escalation and lateral movement from network access [1].

Mitigation

The advisory recommends users update the camera firmware to the latest version provided by the vendor [1]. The fixed firmware release date is not specified, but users should check the vendor support page for updates. As a workaround, users should ensure the camera is on a separate, isolated network segment to limit exposure [1].