How Hackers Take Over Security Cameras (and What You Can Do About It): A Conversation With Claroty’s Noam Moshe

Claroty researcher Noam Moshe detailed critical vulnerabilities in Axis IP camera infrastructure—rooted in the proprietary, serialized Axis.remoting protocol—that enable interception, deserialization-based remote code execution, and takeover of management servers and their managed camera fleets; exploits could allow video manipulation, espionage, lateral movement into networks, and mass compromise. The flaws were responsibly disclosed and patched by Axis, but the report stresses many exposed servers remain internet-accessible, recommends prompt patching, network segmentation, VPNs, PKI use, and improved visibility to mitigate ongoing risk.