Eufy Homebase 2 Cryptographic Vulnerability Allowing Sensitive Information Decryption

A vulnerability in Eufy Homebase 2, specifically in versions up to and including 3.3.4.1h, allows local attackers to exploit weaknesses in the cryptographic scheme used for Peer-to-Peer (P2P) communication. The issue arises from the encryption keys being derived from predictable, non-secret parameters, which can be intercepted or accessed in plaintext. This flaw enables the passive reconstruction of keys, leading to the decryption of sensitive user media, including images and live P2P streams, without the need for authentication.

Impact

Exploitation of this vulnerability results in a complete loss of confidentiality for stored media and live P2P streams, allowing unauthorized access to private photos and videos.

Reproduction

The vulnerability can be reproduced by intercepting the P2P connection establishment process to capture the PPCS_ID and serial number, which are then used to reconstruct the encryption keys. These keys can decrypt P2P streams or stored media, bypassing the intended security measures.

Remediation

Users are advised to update their Eufy Homebase 2 to version 3.7.2.8 or later. Instructions for updating can be found on the Eufy support website.