Hackers Could Use Smart Displays to Spy on Meetings
By exploiting flaws in popular video conferencing hardware from DTEN, attackers can monitor audio, capture slides—and take full control of devices.
Add another entry to the list of internet-connected devices causing problems in unexpected places. Touchscreen smart TVs from DTEN, a “certified hardware provider” for popular video conferencing service Zoom, have flaws that hackers could use to essentially bug conference rooms, lift video feeds, or nab notes written on the device’s digital whiteboard. Just one more reason to hate long meetings.
Security firm Forescout discovered the vulnerabilities in July when its researchers turned their bug hunting skills on the video conferencing units sitting in their own office meeting rooms. After two weeks conducting a surface-level security review of the DTEN D5 and D7 connected displays, the team found five bugs. Three have been patched, but two remain vulnerable. After disclosing the flaws to DTEN at the beginning of August, the researchers wanted to come forward with the findings to raise awareness about the threat of security issues lurking in inconspicuous devices.