Actions
Webcams¶
Disassembled devices¶
Cheap SpeedLink Reflect LED Webcam¶
- EtronTech eSP268A7, no external flash/eeprom
- http://www.etron.com/en/products/webcam_detial.php?Product_ID=3
Embedded 8051 with 32KB mask ROM and 2KB SRAM - http://wenku.baidu.com/view/b5b6a2c25fbfc77da269b15b.html
=> Would be vulnerable if it had an external SPI Flash, but the particular webcam has none
=> Most likely not vulnerable
Creative Labs Live! Cam Sync HD Model VFO770¶
- RTS5822 with PM25LD512 SPI Flash (64 KiB)
- http://www.realtek.com.tw/products/productsView.aspx?Langid=1&PNid=30&PFid=43&Level=4&Conn=3&ProdID=346
The RTS5822 supports an internal MCU program ROM, external NOR-Flash interface, and external Serial-Flash interface. With the external Serial-Flash interface, the internal program ROM can be fully replaced and the control firmware can be easily accessed via the USB link. - Chip can be used with internal ROM only
- Hacking the firmware probably allows disabling the recording LED (but this may also be possible by hacking the driver only)
- We could dump the flash contents to check the firmware
- Particular webcam has an SPI flash
=> most likely vulnerable.
Updated by Karsten about 10 years ago · 1 revisions