How vulnerable AV equipment becomes a stealthy participant in business meetings

The most sensitive information in organizations is often discussed offline. Yet audiovisual (AV) systems in meeting and conference rooms remain among the least protected attack surfaces, with little to no monitoring in place.

This issue was highlighted in a blog post by researcher Eugene Lim (spaceraccoon), who described vulnerabilities he discovered in the AVer PTC320UV2 (a camera for meeting room applications) and the Crestron TSW-1060 (a conference room control panel). For the latter, he demonstrated an attack chain that, once the device is compromised, allows persistence, lateral movement into the internal network, and ultimately eavesdropping on conversations and recording video from the conference room.

There are several reasons why securing such devices has become a challenge:

🔴 Updates are often delayed or discouraged. AV systems are expected to run continuously, so updates are frequently postponed or ignored. This is especially true for legacy devices: updates can disrupt operation, and troubleshooting or recovery may be difficult. 🔴 Many devices are insecure