Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
Mar 13, 2023
Enterprise Security / Privacy
More than a dozen security flaws have been disclosed in E11, a smart intercom product made by Chinese company Akuvox . "The vulnerabilities could allow attackers to execute code remotely in order to activate and control the device's camera and microphone, steal video and images, or gain a network foothold," Claroty security researcher Vera Mens said in a technical write-up. Akuvox E11 is described by the company on its website as a " SIP [Session Initiation Protocol] video doorphone specially designed for villas, houses, and apartments." The product listing , however, has been taken down from the website, displaying an error message: "Page does not exist." A snapshot captured by Google shows that the page was live as recently as March 12, 2023, 05:59:51 GMT. The attacks can manifest either through remote code execution within the local area network (LAN) or remote activation of the E11's camera and microphone, allowing the adversary to c