Check Point Researchers Rectify Vulnerability in DJI’s User Identification Process

  • Our Bureau
  • 11:53 AM, November 13, 2018
  • 2038
Check Point Researchers Rectify Vulnerability in DJI’s User Identification Process
Phantom 3 advanced drone (image: DJI)

DJI and Check Point Researchers shared details of a potential vulnerability in the user identification process within DJI’s online Forum that could have enabled an attacker to gain access to user's account.

In a report submitted in accordance with DJI's Bug Bounty Program, Researchers discovered that DJI's platforms used a token to identify registered users across different aspects of the customer experience, making it a target for hackers looking for ways to access accounts.

DJI consumer users who had synced their flight records, including photos, videos and flight logs to DJI's cloud servers, and DJI corporate users who used DJI FlightHub software, which includes a live camera, audio and map view, could have become vulnerable, had it not been rectified, Check Point said in a statement on Tuesday.

Also Read

US Air Force Requisitions Chinese Origin DJI Drones

September 26, 2018 @ 01:38 PM

China Rubbishes Reports of Laser Attacks from its Djibouti Base

May 3, 2018 @ 12:40 PM

US Marines Harrier Fighter Jet Crashes in Djibouti

April 4, 2018 @ 09:29 AM

Chinese Army Conducts Live-fire Exercise Using Armored Vehicles at Djibouti Base

November 25, 2017 @ 08:01 AM
FEATURES/INTERVIEWS