Consumer Reports recently reported that a company that manufactures video doorbells, Eken Group, has issued a fix for serious security vulnerabilities found in their products. The security flaws allowed a dangerous person to take control of the doorbell and remotely view still images from the video feed without needing a password or account. Additionally, the doorbells did not encrypt the user’s IP address or Wi-Fi network, leaving them potentially exposed to criminals. The affected video doorbells were sold under various brand names, including Eken, Fishbot, Rakeblue, and Tuck, and were available on popular online retailers like Amazon, Shein, Temu, and Walmart.
The vulnerabilities in the video doorbells were uncovered by CR in February, prompting Eken Group to issue a firmware update for the affected products. The update has been reviewed by CR and confirmed to have fixed the security issues. Despite the security flaws, the doorbells were highly rated by retailers like Amazon and were given the Amazon’s Choice badge, which has unknown criteria and has raised concerns about the vetting process for products sold on the platform. In response to CR’s report, the FCC has asked Amazon, Sears, Shein, Temu, and Walmart for more information on how they vet products sold on their platform.
CR found that Eken’s video doorbells also lacked the required Federal Communications Commission ID labels, which the company has since added to the electronic manuals for the doorbells. Many of the Eken doorbells have been removed from online retailers since CR’s report was published. If you own an Eken-produced video doorbell, it is recommended to check if your firmware is up to date. The doorbell should receive the update automatically, but it is wise to double-check by going to the “Devices” page on the Aiwit app and tapping on the doorbell’s name to access the settings. The firmware number should be 2.4.1 or higher to indicate that it is up to date.
CR’s testing uncovered the vulnerabilities in the Eken-produced video doorbells, resulting in improved products for consumers. The fix issued by Eken Group addresses the security weaknesses found in the doorbells, ensuring that the devices are now safe and secure for users. The company’s response to the security issues has led to increased scrutiny from both consumer advocacy groups and regulatory bodies like the FCC. Overall, the incident highlights the importance of regularly updating firmware on smart home devices to protect against potential security breaches and unauthorized access to personal data.