The application security testing company Checkmarx discovered a high severity vulnerability in the Amazon Ring app for Android. After discovery, Checkmarx disclosed the vulnerability to Amazon on May 1st, 2022. Amazon fixed the bug relatively quickly. If left unfixed, it could have potentially given attackers the ability to access and obtain saved Ring camera records. With access to these records, attackers could be capable of extortion and data theft. Activity was left exposed within the app and it could be launched on other apps that were on the Android device. “This activity would accept, load, and execute web content from any server, as long as the Intent’s destination URI contained the string “/better-neighborhoods/”, read a portion of the report from Checkmarx.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in