It’s time to check your phones and tablets to make sure you are running the latest version of the Ring app for your Ring Doorbell and associated cameras. A vulnerability was recently found (and patched in the latest version) that brought serious problems with it.
The found vulnerability could allow hackers to listen in on your feed as you are live broadcasting it via the app. Due to encryption issues with the feed, anyone behind the network could possibly take advantage of this by intercepting the data. Thankfully the attacker would have to have access to the W-Fi network in order for this to be possible, but the vulnerability is a vulnerability nonetheless.
Not only could the attacker listen in, but they could also inject information into the feed before it reached the users app, allowing them to inject false images to trick the user with (ie, showing a family member standing at the door instead of a potential thief).
All of this was discovered by researchers working at Dojo (by BullGuard) and Ring has since patched this vulnerability with the latest version of the Ring app. So Ring users would be wise to check their current app to make sure they have the latest.
A Ring spokesperson has responded with the following: “Customer trust is important to us and we take the security of our devices seriously. The issue in the Ring app was previously fixed and we always encourage customers to update their apps and phone operating systems to the latest versions.”
Running an older version could run the risk of this vulnerability being present, leaving them open to the attack. Checking to make sure you have the most current version is usually as easy as visiting your mobile device’s app store and telling it to check for any app updates.
To this day, Ring is still one of our absolute favorite options when it comes to self-managed security setups at home. A number of us here subscribe to their cloud services and find it to be one of the most reliable yet.