Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



InfiRay Thermal Camera Flaws Can Allow Hackers to Tamper With Industrial Processes

InfiRay thermal cameras are affected by vulnerabilities that could allow malicious hackers to tamper with industrial processes, including to disrupt production or to make modifications that result in lower quality products.

InfiRay thermal cameras are affected by vulnerabilities that could allow malicious hackers to tamper with industrial processes, including to disrupt production or to make modifications that result in lower quality products.

InfiRay is a brand of China-based iRay Technology, which manufactures optical components. InfiRay specializes in the development and manufacturing of infrared and thermal imaging solutions, with its products being sold in 89 countries and regions.

Researchers at Austria-based cybersecurity consultancy SEC Consult discovered that at least one of the vendor’s thermal cameras, the A8Z3 model, is affected by several potentially serious vulnerabilities.Vulnerabilities found in InfiRay industrial thermal cameras

The A8Z3 device, sold on the Chinese marketplace Alibaba for nearly $3,000, is designed for a wide range of industrial applications.

According to SEC Consult, the product is affected by five types of potentially critical vulnerabilities. One issue is related to hardcoded credentials for the camera’s web application. Since these accounts cannot be deactivated and their passwords cannot be changed, they can be considered backdoor accounts that can provide an attacker access to the camera’s web interface. From there, an attacker can leverage another vulnerability for arbitrary code execution.

The researchers also found a buffer overflow in the firmware, and multiple outdated software components that are known to contain vulnerabilities. They also found a Telnet root shell that by default is not protected by a password, giving an attacker on the local network the ability to execute arbitrary commands as root on the camera.

SEC Consult has not seen any of these thermal cameras exposed to the internet. However, an attacker who can gain network access to a device could exploit the flaws to cause some serious damage.

Learn more about vulnerabilities in industrial systems at SecurityWeek’s 2022 ICS Cyber Security Conference 

Advertisement. Scroll to continue reading.

“The camera is used in industrial environments to check/control temperatures. The test device was located in a factory, where it verified that metal pieces arriving on a conveyor belt were still hot enough for the next process step,” explained Steffen Robertz, a SEC Consult security consultant specializing in embedded systems.

“An attacker would be able to report wrong temperatures and thus create inferior products or halt the production,” Robertz said. “The temperature output might also be fed in a control loop. By reporting a lower temperature, the temperature of, for example, a furnace might be increased automatically.”

SEC Consult told SecurityWeek that it did not test other devices from this vendor, but based on past experience it’s likely that similar vulnerabilities affect other products as well.

SEC Consult reported its findings to the vendor more than a year ago, but the company has been unresponsive so it’s unclear if patches are available. The cybersecurity firm has made public some technical details, but it did not release proof-of-concept (PoC) exploits.

SecurityWeek has reached out to InfiRay for comment, but the company has yet to respond.

Related: Vendor Refuses to Remove Backdoor Account That Can Facilitate Attacks on Industrial Firms

Related: Hundreds of Thousands of Konica Printers Vulnerable to Hacking via ​​Physical Access

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...