Error in Ring app allowed other apps to access your camera images
A vulnerability has been discovered in Ring’s Android app. Other apps may have been able to access the app’s content, including the camera images and personal data of the Ring users. The bug has been fixed with a patch.
Contents
Ring – Always Home
This app is included with the Ring VIdeo Doorbell 2 and other products. It lets you view the camera and set up new products. Furthermore, you can choose the ringtones yourself..
More info
Ring Vulnerability
Checkmarx security researchers have notified Amazon about a flaw in the Ring app that could have serious consequences. The flaw allowed other apps on the user’s phone to access the content in the Ring app.
Of course, a trustworthy app wouldn’t have any reason to look at the Ring app’s data, but in principle it was possible for hackers to release targeted malware that would take advantage of the vulnerability. This would give them access not only to the personal information of the Ring user, but also to the location and camera images that are stored.
“No Information Exposed”
Amazon, the parent company of Ring, has also responded to Checkmarx. The company acknowledges the seriousness of the flaw discovered, but it also reassures users.
“We rolled out a solution to Android customers on May 27, 2022, not long after the researchers reported the flaw. Based on our analysis, no customer information was exposed. It would have been extremely difficult to exploit the wrong, because that would only be possible under a range of improbable and complex circumstances,” said an Amazon spokesperson.
In the fall of 2021, Ring has secured its video doorbells with end-to-end encryption. It also released the fourth generation of its video doorbell last year. Ring has previously received criticism from the privacy watchdog EFF regarding the collection of user data.
Do not choose the white product
Thousands of Ring user passwords have also ended up on the street, but that was because they were part of a database that contained stolen passwords. In an interview on Androidworld, a security expert emphasized that it is still safer to choose an established company such as Amazon for smart home devices than, for example, an unbranded product that you get from Aldi, Lidl or Action.
Want to stay up to date with the latest news about Ring? Then download our Android app and follow us on Facebook, Instagram, YouTubeTelegram and Twitter.