Primary

Context

Amazon Cloud Cam Insecure Device Pairing Vulnerability

Vulnerability

A vulnerability exists in the Amazon Cloud Cam, a home security camera that has reached its end-of-life and is no longer supported. When powered on, the camera attempts to connect to a deprecated remote service. In this pairing mode, an arbitrary user can bypass SSL pinning to link the device to any network, enabling interception and modification of network traffic.

Impact

Exploitation of this vulnerability allows for insecure device pairing, bypassing SSL pinning, and interception and modification of network traffic.

Remediation

Users are advised to discontinue the use of Amazon Cloud Cam, as the product is no longer supported.

Added: Jun 12, 2025, 8:17 PM

Updated: Jun 12, 2025, 8:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Amazon Cloud Cam Insecure Device Pairing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating