Turning Camera Surveillance on its Axis
Noam Moshe
DEF CON 33 (backfill) · Day 1 · Main Stage
In this DEF CON presentation, Noam Moshe, a lead vulnerability researcher at Claroty, presented critical security flaws in Axis Communications' enterprise-grade IP camera management software. The talk, titled "Turning Camera Surveillance on its Axis," traced the research from the initial discovery of an obscure internet-exposed service to full, pre-authenticated remote code execution (RCE) on Axis management servers and, from there, on the IP cameras connected to them. The research highlights the risks inherent in complex proprietary protocols, even when they appear to be protected by encryption and authentication.
AI review
Solid IoT/OT vulnerability research with a clean, complete exploit chain — pre-auth RCE on widely deployed enterprise surveillance infrastructure is the real deal. The fallback protocol discovery with the anonymous `/ore` endpoint is the kind of 'wait, what?' moment that makes DEF CON worth attending. Not a 5 because the core vulnerability class (JSON.NET TypeNameHandling.Auto deserialization) is well-documented territory, and the MITM-assisted authenticated RCE leg of the chain leans on known technique; the novelty is in the target and the operational chain, not the primitives.
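The review names the vulnerability class behind the chain, JSON.NET's `TypeNameHandling.Auto`, without showing what the setting does. The following example is added here for illustration; it is not Axis's code and not code from the talk. It puts the weak setting beside two hardened configurations and shows, on constructed input, why a `$type` hint in attacker-controlled JSON is dangerous and how to stop honouring it. It assumes Newtonsoft.Json 10 or later (for `ISerializationBinder`); the `DeviceCommand`, `SnapshotRequest`, `NotAPayloadType` and `AllowlistBinder` names are hypothetical and exist only in this demo.

```csharp
// Added example, not from the page or from Axis/Claroty.
// Assumes the Newtonsoft.Json package (>= 10 for ISerializationBinder).
using System;
using System.Collections.Generic;
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;

namespace DeserializationDemo
{
    // Hypothetical envelope a management server might accept from the network.
    // The 'object'-typed member is what makes "$type" dangerous: with Auto,
    // the sender, not the code, decides which .NET type is instantiated here.
    public class DeviceCommand
    {
        public string DeviceId { get; set; }
        public object Payload { get; set; }
    }

    // The one payload type the server genuinely expects (hypothetical).
    public class SnapshotRequest { public int Width { get; set; } }

    // Stand-in for "any type the sender names"; benign here. In real
    // deserialization bugs the named type is a gadget with side effects.
    public class NotAPayloadType { public string Note { get; set; } }

    // Allowlist binder: only explicitly registered names resolve to a type.
    public sealed class AllowlistBinder : ISerializationBinder
    {
        private static readonly Dictionary<string, Type> Allowed =
            new Dictionary<string, Type> { ["SnapshotRequest"] = typeof(SnapshotRequest) };

        public Type BindToType(string assemblyName, string typeName)
        {
            if (Allowed.TryGetValue(typeName, out var t)) return t;
            // Json.NET wraps this in a JsonSerializationException for the caller.
            throw new JsonSerializationException($"Type '{typeName}' is not permitted");
        }

        public void BindToName(Type serializedType, out string assemblyName, out string typeName)
        {
            assemblyName = null;
            typeName = serializedType.Name; // emit short names only, never assembly-qualified ones
        }
    }

    public static class Program
    {
        // WEAK: the setting the review refers to. Any "$type" in the input is honoured.
        public static readonly JsonSerializerSettings Weak =
            new JsonSerializerSettings { TypeNameHandling = TypeNameHandling.Auto };

        // HARDENED (default choice): never resolve types from input at all.
        public static readonly JsonSerializerSettings Hardened =
            new JsonSerializerSettings { TypeNameHandling = TypeNameHandling.None };

        // HARDENED (only when polymorphism is genuinely required): keep type
        // names, but resolve them solely through the allowlist binder.
        public static readonly JsonSerializerSettings HardenedAllowlist =
            new JsonSerializerSettings
            {
                TypeNameHandling = TypeNameHandling.Objects,
                SerializationBinder = new AllowlistBinder(),
            };

        // Deserialize under the given settings and report what Payload became.
        public static string Describe(string label, JsonSerializerSettings settings, string json)
        {
            try
            {
                var cmd = JsonConvert.DeserializeObject<DeviceCommand>(json, settings);
                return $"{label}: Payload resolved to {cmd.Payload?.GetType().Name ?? "null"}";
            }
            catch (JsonException ex)
            {
                return $"{label}: rejected ({ex.GetType().Name})";
            }
        }

        public static void Main()
        {
            // Constructed input naming a type the server never intended to build.
            string unexpected = typeof(NotAPayloadType).AssemblyQualifiedName;
            string hostile = "{\"DeviceId\":\"cam-01\",\"Payload\":{\"$type\":\"" + unexpected
                             + "\",\"Note\":\"x\"}}";
            // Constructed input using the one allowed short type name.
            string expected = "{\"DeviceId\":\"cam-01\",\"Payload\":{\"$type\":\"SnapshotRequest\",\"Width\":640}}";

            Console.WriteLine(Describe("Auto", Weak, hostile));
            Console.WriteLine(Describe("None", Hardened, hostile));
            Console.WriteLine(Describe("Allowlist", HardenedAllowlist, hostile));
            Console.WriteLine(Describe("Allowlist", HardenedAllowlist, expected));
        }
    }
}
```

Under `Auto`, the first call instantiates whatever type the JSON names; under `None`, the `$type` member is ignored and `Payload` lands as a plain `JObject`; under the allowlist binder, the unexpected name is refused while the registered `SnapshotRequest` still round-trips. When auditing a .NET service, grepping for `TypeNameHandling` set to anything other than `None` on a deserializer that reads network input is the quickest way to spot this class of weakness.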