CVE-2024-25731

7.5 HIGH

📋 TL;DR

The Elink Smart eSmartCam Android app version 2.1.5 contains hardcoded AES encryption keys in its binary, allowing attackers who can intercept network traffic (e.g., over Wi-Fi) to decrypt sensitive data. This affects all users of this specific Android application version who transmit data over potentially observable networks.

💻 Affected Systems

Products:
  • Elink Smart eSmartCam Android application
Versions: 2.1.5
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 2.1.5 are vulnerable regardless of configuration. The vulnerability is in the application binary itself.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers decrypt all camera video/audio streams, access device credentials, and potentially compromise the entire smart camera ecosystem, leading to privacy violations and unauthorized surveillance.

🟠 Likely Case

Attackers on the same network decrypt transmitted video/audio data, violating user privacy by accessing camera feeds without authorization.

🟢 If Mitigated

With proper network segmentation and encryption controls, impact is limited to isolated network segments, but the fundamental vulnerability remains in the app.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires network access to intercept traffic, but the hardcoded keys are publicly documented in GitHub repositories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

1. Check Google Play Store for app updates from the vendor.
2. If no update is available, uninstall the vulnerable version.
3. Contact the vendor for patch information.

🔧 Temporary Workarounds

Network Segmentation (platform: all)

Isolate the camera and mobile device on a separate VLAN or network segment to limit exposure.

Disable Wi-Fi Camera Access (platform: android)

Use cellular data instead of Wi-Fi for camera connectivity when possible to reduce interception risk.

🧯 If You Can't Patch

  • Uninstall the vulnerable application immediately.
  • Replace with a different camera application from a trusted vendor with proper encryption practices.

🔍 How to Verify

Check if Vulnerable:

Check the app version in Android Settings > Apps > eSmartCam. If the version is 2.1.5, it is vulnerable.

Check Version:

No command needed; check via Android app settings.

Verify Fix Applied:

Verify the app has been updated to a version later than 2.1.5, or confirm it has been uninstalled.
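
For checking devices over adb instead of by hand, the sketch below classifies the `dumpsys package` output into the states described above (2.1.5 installed, a later version installed, or uninstalled). It is an added example, not part of the original advisory: the package name `com.example.esmartcam` is a placeholder because the page does not give the app's package id, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: classify an installed eSmartCam build from `dumpsys package` output.
# PKG is a hypothetical placeholder; replace it with the app's real package id.
PKG="${PKG:-com.example.esmartcam}"
VULN="2.1.5"   # affected version stated in the advisory

# Reads `adb shell dumpsys package "$PKG"` output on stdin.
# Prints one of: not-installed | vulnerable | updated:<ver> | older:<ver>
# "older" means the build predates 2.1.5; the advisory makes no statement about it.
classify_esmartcam() {
    # adb may emit CRLF line endings; strip CR before extracting versionName.
    ver=$(tr -d '\r' | awk -F= '/^[ \t]*versionName=/ {print $2; exit}')
    if [ -z "$ver" ]; then
        echo "not-installed"
        return 0
    fi
    if [ "$ver" = "$VULN" ]; then
        echo "vulnerable"
        return 0
    fi
    # Version-aware ordering, so that 2.1.10 sorts after 2.1.5.
    newest=$(printf '%s\n%s\n' "$ver" "$VULN" | sort -V | tail -n 1)
    if [ "$newest" = "$ver" ]; then
        echo "updated:$ver"
    else
        echo "older:$ver"
    fi
}

# Constructed sample of the relevant dumpsys lines (not captured from a device).
sample_dumpsys() {
    printf 'Packages:\r\n  Package [%s] (1a2b3c):\r\n' "$PKG"
    printf '    versionCode=1 minSdk=21 targetSdk=30\r\n'
    printf '    versionName=%s\r\n' "$1"
}

# Offline demonstration on the constructed sample.
sample_dumpsys 2.1.5 | classify_esmartcam

# Live use against a connected device:
#   adb shell dumpsys package "$PKG" | classify_esmartcam
```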

📡 Detection & Monitoring

Log Indicators:

  • Unusual network decryption attempts or errors in app logs, though limited due to the nature of the vulnerability.

Network Indicators:

  • Unexpected decryption of camera traffic using known hardcoded keys, detectable via network monitoring tools.

SIEM Query:

Not typically applicable for this client-side app vulnerability; focus on endpoint and network monitoring for suspicious traffic patterns.
