By exploiting the vulnerability, an attacker could obtain recordings from video intercoms and surveillance cameras.
The American company Amazon announced the fix for the vulnerability of the Amazon Ring application. Android OS users have been at risk for a long time because with the help of this application, attackers could obtain confidential data.
The Ring company develops and supplies video intercoms and video surveillance systems. The company’s devices not only broadcast everything that happens on the monitor but also save the recordings to the cloud and display the picture in the mobile application.
A security researcher at Checkmarx analyzed the Android version of the app and found a vulnerability in it.
A vulnerable app installed on an Android device allows attackers to gain access to sensitive data generated by the Ring app, not only geolocation and camera recordings, but also full names, email addresses, phone numbers, and postal addresses.
To date, the Android Ring app has been downloaded by users over 10 million times. At the same time, according to Amazon, no cases of exploitation of the vulnerability were found.
In addition, it is noted that the error was fixed in the May 27 update, but the fix was publicly announced only the other day.