Consumer drone manufacturer DJI fixed a security flaw in its website and apps. The DJI security flaw—revealed today—could have been bad.
The vulnerability, revealed Thursday by researchers at security firm Check Point, would have given an attacker complete access to a DJI users’ cloud stored data, including drone logs, maps, any still or video footage — and live feed footage through FlightHub, the company’s fleet management system — without the user’s knowledge.
It doesn’t sound like any customer data was actually accessed, but DJI and CheckPoint say it would be difficult to know for sure.
Check It Out: DJI Security Flaw Could Have Exposed Accounts