Security Experts:

Connect with us

Hi, what are you looking for?


IoT Security

Google Blocks Xiaomi Integrations Over Privacy Concerns

Google last week disabled all Xiaomi integrations on Nest Hub after learning that some users could access other people’s camera feeds. 

Google last week disabled all Xiaomi integrations on Nest Hub after learning that some users could access other people’s camera feeds. 

The issue was initially reported on January 1, 2020, when a user posted on Reddit, revealing that their Nest Hub was able to access feeds from other people’s Xiaomi cameras. The user also posted screenshots to prove the discovery. 

Although the Mi Home Security Camera Basic 1080p was found at fault, Google decided to disable all Xiaomi integrations on its devices. As it turned out, only the Mi Home Security Camera Basic 1080p was found to be at fault.

“We’ve been working with Xiaomi and we’re comfortable that the issue was limited to their camera technology platform,” a Google employee posted in a thread on the company’s support website. 

After a thorough investigation, Google decided to re-enable Xiaomi device integrations, but left camera streaming disabled. 

“We will not reinstate camera functionality for Xiaomi devices until we are confident that the issue has been fully resolved. We’ll keep you updated with information as more becomes available to share,” Google said. 

The issue was apparently caused by a cache update on December 26, 2019, and only occurred in specific conditions. Around 1000 users are believed to have been affected by the bug. 

Although Google has re-enabled Xiaomi integration on Nest Hub, many users are still complaining of failed attempts to reconnect their devices, comments on Google’s support website reveal. 

Related: Google’s Nest Hub Has a Microphone It Forgot to Mention

Related: Bug Hunters Earn $195,000 for Hacking TVs, Routers, Phones at Pwn2Own

Related: Zero-Day Exploits Earn Hackers Over $500K at Chinese Competition

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.

IoT Security

Vulnerabilities in electric vehicle charging management systems can be exploited for DoS attacks and to steal energy or sensitive information.

IoT Security

Today’s growing attack surface is dominated by non-traditional endpoints.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...

IoT Security

Australia's Defense Department said that they will remove surveillance cameras made by Chinese Communist Party-linked companies from its buildings.

IoT Security

Chinese video surveillance company Hikvision has patched a critical vulnerability in some of its wireless bridge products. The flaw can lead to remote CCTV...