Quote:Smart doorbells, designed to allow homeowners to keep an eye on unwanted and wanted visitors, can often cause more security harm than good compared to their analog door bolt alternatives. Consumer-grade digital doorbells are riddled with potential cybersecurity vulnerabilities ranging from hardcoded credentials, authentication issues and devices shipping with unpatched and longstanding critical bugs.
That fresh assessment comes from NCC Group, which published a report last week outlining “domestic IoT nightmares.” In partnership with the publication Which?, it assessed smart doorbell models made by three vendors Victure, Qihoo and Accfly along with white-box offerings from three additional doorbell makers.
“Overall the issues we have seen during this research have outlined a poor approach to developing secure IoT devices. There are still devices being developed, shipped and sold with an array of issues let alone these issue being cloned into knock-off, copycat devices,” wrote NCC Group’s co-authors of the report.
The scope of the problems uncovered included undocumented features that, if known, could be exploited by hackers. Other issues found were tied to the mobile applications used to access the doorbells along with vulnerabilities in the hardware itself.
Noticeably absent from the analysis are the names of market-share leader Ring Video Doorbell and the handful other big players such as Nest, Vivint and Remo. Nevertheless, the study comes as a flood smart doorbells have been introduced into the consumer market feeding a robust appetite for the niche.
Smart doorbells lead the charge when it came to a 33 percent increase in smart home gadgets flooding U.S homes in 2020, according to Hub Entertainment Research. Thirty-nine percent of all U.S homes have a connected device.
Read more: https://threatpost.com/smart-doorbell-vu...ck/162527/
![[-]](https://www.geeks.fyi/images/collapse.png)
