A company that makes video doorbells found by Consumer Reports To curb serious security vulnerabilities, the consumer protection group has issued a fix. Eken Group has issued a firmware update for the affected security products under its own name, as well as products from other brands with which it has licensing agreements, including Fishbot, Rakeblue, Tuck and others. All video doorbells use the Aiwit smartphone app and can be purchased from popular online retailers such as Amazon, Shein, Temu and Walmart.
Already in February, CR reported that vulnerabilities were found in the video doorbells manufactured by Eken “that could allow a dangerous person to take control of the video doorbell in their victim’s home.”
Gaining access to the doorbell didn’t even require any hacking skills: criminals could simply download the Aiwit app, go to their target’s house, and hold down the doorbell’s button to pair it with their own smartphones and access their Wi-Fi change network and take control of the device.
Additionally, anyone with the doorbell serial number could view still images from the video feed remotely – no password or account required. CR Security experts found. Doorbell owners received no notification when another user accessed their video feed in this way.
The doorbells also did not encrypt the user’s private IP address or Wi-Fi network, leaving both potentially vulnerable to criminals.
The doorbells CR The devices originally reviewed were sold under the Eken and Tuck brand names and appeared to be identical, except for the difference that both users required to download the Aiwit smartphone app. The group I later found ten other seemingly identical Eken doorbells, but sold under different brand names.
CR checked Eken’s firmware update and says the issue has been resolved. “While we would prefer products to be safe and secure from the time they are first launched, the ability of our testing to uncover vulnerabilities results in better products for consumers.” CRsaid Maria Rerecich, senior director of product testing, in her report.
As a result CRAccording to the report, the FCC has asked Amazon, Sears, Shein, Temu and Walmart for more details about how they review the products sold on their platform. None of the five retailers responded CRPlease comment on this matter.
Eken’s video doorbells also lacked Federal Communications Commission ID tags required by law. CR found. The company has since added the FCC IDs to the doorbells’ electronic manuals.
Since CR In its February report, the company released many of the Eken doorbells from online retailers. What’s notable is that some of the doorbells were selected as “Amazon: Overall Picks” or with the “Amazon’s Choice” badge, a label with mysterious criteria that Amazon refuses to fully explain and that can be found on many dubious products.
If you own a video doorbell manufactured by Eken, be sure to check that your firmware is up to date. Your doorbell should receive the update automatically, but it’s a good idea to double-check. In the Aiwit app, go to the Devices page and tap the doorbell name. The Settings should then open. The firmware number should be 2.4.1 or higher, indicating it is up to date.