PT-2019-8610 · Amcrest · Amcrest Ipm-721S

Mandar Satam · Published 2019-07-03 · Updated 2019-07-11 · CVE-2017-8228

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Amcrest IPM-721S version V2.420.AC00.16.R.20160909

Description

The Amcrest IPM-721S mishandles the case where the device has been rebooted within the past two hours, and Amcrest cloud services do not perform thorough verification when a new camera is added to a user's account. As a result, an attacker who knows a camera's serial number can add another user's camera to their own cloud account and control it completely. The attack is possible if the camera is not part of an Amcrest cloud account, or has been removed from the user's cloud account, and the user has rebooted the camera in the last two hours. A successful attack lets the attacker view and listen to what the camera can see, change motion detection settings, and turn the camera off without the user's awareness.

Recommendations

For Amcrest IPM-721S version V2.420.AC00.16.R.20160909, as a temporary workaround, consider restricting access to the camera's cloud account and avoiding reboots within a two-hour window to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2017-8228

Affected Products

Amcrest Ipm-721S