CVE-2024-34896
📋 TL;DR
The Nedis SmartLife Video Doorbell fails to properly terminate peer-to-peer connections, allowing previously connected users to continue accessing live video feeds after disconnection. This affects users of the Nedis SmartLife Video Doorbell (WIFICDP10GY) with the Nedis SmartLife iOS app version 1.4.0.
💻 Affected Systems
- Nedis SmartLife Video Doorbell (WIFICDP10GY)
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Unauthorized individuals gain persistent access to live video feeds from doorbell cameras, enabling surveillance of private property and potential identification of residents' comings and goings.
Likely Case
Previous users or attackers who gained temporary access maintain unauthorized video surveillance capability without the homeowner's knowledge.
If Mitigated
With proper network segmentation and monitoring, unauthorized access attempts could be detected and blocked before significant privacy violations occur.
🎯 Exploit Status
Requires previous legitimate or compromised access to establish initial connection before exploiting the persistence flaw.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown - check vendor for updated app version
Vendor Advisory: http://nedis.com
Restart Required: No
Instructions:
1. Check Nedis website for security updates. 2. Update Nedis SmartLife iOS app through Apple App Store. 3. Ensure doorbell firmware is updated if available. 4. Review and revoke any unauthorized app connections.
🔧 Temporary Workarounds
Network Segmentation
allIsolate the doorbell on a separate VLAN or guest network to limit lateral movement if compromised.
Connection Monitoring
iOSRegularly review and manually disconnect all active connections to the doorbell through the app interface.
🧯 If You Can't Patch
- Disable remote access features and use the doorbell only locally
- Physically disconnect the device when not in use or replace with a different model
🔍 How to Verify
Check if Vulnerable:
Check if you can access live video feed after disconnecting from the app or if previous users still have access.Check Version:
Check app version in iOS Settings > [App Name] > VersionVerify Fix Applied:
Test that disconnecting from the app immediately terminates all video feed access for that user.📡 Detection & Monitoring
Log Indicators:
- Unexpected persistent connections to doorbell video stream
- Multiple simultaneous connections from different IPs
Network Indicators:
- Sustained video streaming traffic after user disconnection
- Unusual P2P connection patterns
SIEM Query:
Network traffic showing video streaming to previously disconnected IP addresses