Hackers Can Skip Login Protections to Access the ‘choco tei’ Camera

An industrial camera common on Japanese manufacturers' production lines has unpatched vulnerabilities that allow hackers to secretly access live footage or stop it from recording.
Researchers at industrial and IoT security firm Nozomi Networks said Tuesday that unauthenticated hackers could bypass login protections and take full control of a compact video monitor known as the “choco tei.”
More formally the “Choco Tei Watcher mini” and made by Japanese firm Inaba, the camera automatically starts recording after detecting a stop signal on the production line. Recorded video, which includes a saved live feed timed slightly before the incident, is used for later analysis to find the root cause of the stoppage. The cameras are commonly deployed in sectors such as automotive, electronics, food processing and pharmaceuticals.
Nozomi researchers identified four vulnerabilities in the camera, including flaws stemming from weak password requirements and forced browsing, a high-severity issue linked to client-side authentication and a medium-severity flaw involving improper password storage.
An attacker could bypass the login process and leverage these vulnerabilities to “access live footage for surveillance or disrupt the recording of production line stoppages preventing the capture of critical moments.”
Nozomi warned that these vulnerabilities could enable industrial espionage, giving competitors or malicious actors the ability to spy on proprietary manufacturing processes. Attackers could gain insights into workflow optimizations, specialized machinery usage and product assembly techniques. The issue raises privacy concerns, since employees may be unknowingly monitored. Attackers could analyze security gaps, such as unattended machinery or shift changes, to undertake further disruption.
The security firm said that the forced browsing vulnerability could allow attackers to manipulate or delete recorded footage. This could lead to the loss of critical diagnostic data, making it harder to identify and address operational inefficiencies, potentially causing extended downtime and increased costs.
Nozomi disclosed its findings to Inaba, but the company has yet to release patches. The vendor did, however, advise customers to mitigate risks by blocking access to the cameras from untrusted firewalls.
The U.S. Cybersecurity and Infrastructure Security Agency issued an advisory on Tuesday highlighting security risks associated with the camera. CISA urged affected organizations to apply recommended mitigations, such as enforcing strong authentication measures and restricting network access.