Connect with us
McAfeemcafee banner ad


Remember the $20 Wyze Cam? If you do, you should read this

A security hole could have let anyone watch your recordings.

wyze cam mounted on the wall

A security issue present on all models of the Wyze Cam took the company three years to fix. The issue allowed potential bad actors remote access to your SD card recordings. Yikes.

A new blog from Bitdefender via BleepingComputer outlines the issue and several others that were previously fixed. All three issues were originally disclosed to Wyze by Bitdefender in March 2019.

Yes, that was three years ago. As The Verge points out, Wyze knew hackers could remotely access your camera for three years and said nothing.

To be fair, Wyze fixed one issue which allowed attackers to bypass login details later in 2019. Another issue that enabled attackers to run their own code on the device was patched later in November 2020. Wyze fixed the SD card vulnerability in January of this year.

What steps should you take now with your Wyze Cam?

The first thing to know is that Wyze Cam V1 didn’t receive any of the security updates necessary. Bitdefender says to stop using any V1 cameras immediately.

After working for more than two years on this issue, logistic and hardware limitations on the vendor’s side prompted the discontinuation of version 1 of the product, which leaves existing owners in a permanent window of vulnerability. We advise users to stop using this hardware version as soon as possible.

In the Wyze app, tap on your Wyze Camscreenshots of wyze app showing how to get into settings
Tap on the Settings gear, then Device Info > Firmware Version.
You can also check and update your firmware from the Home tab, by tapping Account > Firmware Updatescreenshot of wyze app showing the account button
You can also manually update by downloading the firmware updates from Wyze’s official download portal. That’s the only trustworthy place to get firmware updates, so don’t trust any other site offering downloads for your Wyze Cam.

Wyze told BleepingComputer that “both v2 and v3 cameras are perfectly safe to use with the latest firmware update.”

That said, it’s wise to deactivate your Internet of Things devices when they’re not in use, and to have them on a separate, isolated network so they’re not reachable outside your home.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.

Disclosure: Wyze was a past client of EZPR, a media relations firm where Kevin, KnowTechie’s editor-in-chief, holds a position. However, he did not participate in this post’s writing, editing, or publishing. He remains unbiased and independent in his role at KnowTechie.

Follow us on Flipboard, Google News, or Apple News

Maker, meme-r, and unabashed geek with nearly half a decade of blogging experience at KnowTechie, SlashGear and XDA Developers. If it runs on electricity (or even if it doesn't), Joe probably has one around his office somewhere, with particular focus in gadgetry and handheld gaming. Shoot him an email at joe@knowtechie.com.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in News