Comprehensive up-to-date news coverage

HomeNewsTech NewsThis vulnerability in the Ring app could expose the user's phone data

This vulnerability in the Ring app could expose the user’s phone data

Published on

Follow us on Google News for latest updates and information.

News Tech: Amazon has fixed a security flaw that endangered Ring camera users’ privacy. According to reports, the Android app for the Ring camera has a flaw that gave malicious programmes access to user data, including location, camera recordings, and other information.

The researchers discovered several security flaws in the software that a malicious party may attack in a series of ways, to put it briefly. They started by noting how simple it was for other programmes to access the app’s com.ringapp/com.ring.nh.deeplink.DeepLinkActivity activity. As a result, a malicious app that was also installed on the same device as the Ring Android app might start the activity and fool the user into downloading further harmful software.

In a recent study, CheckMarx said that its experts had found a serious security flaw in the Ring mobile app that put users’ privacy at danger.

Regarding this activity’s exploit, the researchers stated,

With this cookie, it was then possible to use Ring’s APIs to extract the customer’s personal data, including full name, email, and phone number, and their Ring device’s data, including geolocation, address, and recordings.

The researchers have shared the PoC exploit in the following video. Researchers from CheckMarx informed Amazon of the vulnerability after finding it. Amazon subsequently released versions 3.51.0 and 5.51.0 of the Ring app for Android and iOS users, respectively, to address the vulnerability. Amazon further guaranteed that the vulnerability in the wild would not be exploited.

There have been more than 10 million downloads of the Android app for Amazon’s Ring cameras. This means that millions of users’ privacy and security were also at risk due to the vulnerability. Users must make sure they update their devices as soon as feasible with the corrected releases once Amazon patched the vulnerability and the PoC exploit became public in order to minimise risks.

Check the latest news about tech news section for best information.

Latest articles

Canopy, Cannabis Firm, Praises Biden’s Marijuana Pardon As Its Shares Rise

News Tech: Canopy Growth applauded President Joe Biden’s declaration on Thursday that he...

Check Google Play Protect Certificate Android devices

Hello everyone, in this article we will tell you how to do it Check...

Producer prices fell by 18%, bitcoin price and ethereum prices went up

News Tech: During the early European session on Thursday, the market cap of...

Sync time on Linux servers with Chrony

Hello everyone, in this article we will show you how synchronize time on Linux...

More like this

Canopy, Cannabis Firm, Praises Biden’s Marijuana Pardon As Its Shares Rise

News Tech: Canopy Growth applauded President Joe Biden’s declaration on Thursday that he...

Check Google Play Protect Certificate Android devices

Hello everyone, in this article we will tell you how to do it Check...

Producer prices fell by 18%, bitcoin price and ethereum prices went up

News Tech: During the early European session on Thursday, the market cap of...

Sync time on Linux servers with Chrony

Hello everyone, in this article we will show you how synchronize time on Linux...

Asian stocks fall ahead of US jobs data

News Tech: Ahead of US jobs data that investors are hoping will persuade...

Square Nails provides services, free drinks and more Bud, Kyle

In Science and Space: On September 25, Bannockburn Church opened Bannockburn Buda-Kyle at...