Security patch for Tadpole
Opal’s security researchers recently discovered a vulnerability affecting Tadpole devices and have released a firmware update with a patch. The problem stems from decisions made upstream, which can introduce vulnerabilities to our end customers.
The vulnerability, discovered earlier this week, is linked to components provided by chip supplier VVDN Technologies Inc.. This can expose the ability for a malicious party to reflash file system updates onto devices containing Ambarella’s “CV” series chips. The Tadpole is one of the cameras using this chip.
Opal has notified VVDN Technologies Inc. of these issues and is expecting a fix soon. Out of an abundance of caution, the Opal team has released a patch, available here, as a temporary stopgap.
Opal encourages Tadpole customers to update their firmware for the safest experience, ahead of the full and final patch from the chip manufacturer.
Security is a priority at Opal. For any questions, reach out to security@opalcamera.com.