- Researchers claim to have found a way to transform a Lenovo webcam into a BadUSB device
- BadUSB is a firmware vulnerability that turns a USB stick into a malware-writing weapon
- Lenovo has released a firmware update, so users need to patch now
Your device’s webcam can be reprogrammed to turn on you and serve as a backdoor for a threat actor, experts have warned.
Eclypsium security researchers claim that certain Lenovo webcam models that run Linux can be converted into so-called “BadUSB” devices.
The flaw is now tracked as CVE-2025-4371. It doesn’t yet have a severity score, but it has a nickname: BadCam.
Reflashing Firmware
About a decade ago, researchers found a way to reprogram a USB device’s firmware to act maliciously and let it mimic keyboards, network cards or other devices. This allows it to run commands, install malware or steal data, and its biggest advantage over traditional malware is that it can successfully bypass traditional security measures.
The vulnerability was called “BadUSB” and was seen abused in the wild when the threat actor FIN7 began sending weaponized USB drives to US-based organizations. At one point, the FBI even began to warn people not to connect USB devices found in office toilets, airports or received in the mail.
Now Eclypsium says the same thing can be done with certain USB webcams built by Lenovo and running Linux.
“This allows external attackers to inject keystrokes and launch attacks independently of the host operating system,” the researchers said, as quoted by The Hacker News.
“An attacker who gets remote code execution on a system can reflash the firmware of an attached Linux-powered webcam, repurposing it to behave as a malicious HID or to emulate additional USB devices,” the researchers explained.
“Once weaponized, the seemingly innocent webcam can inject keystrokes, deliver malicious payloads, or serve as a foothold for deeper persistence, all while maintaining the outward appearance and core functionality of a standard camera.”
Getting remote access to a webcam requires the device to be compromised in the first place, in which case the attacker can do whatever they want. However, users should be careful not to connect other people’s webcams or buy such products from shady internet stores.
The Lenovo 510 FHD and Lenovo Performance FHD webcams were said to be vulnerable, and firmware update version 4.8.0 was released to mitigate the threat.
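The following Python code is an added example, not taken from Eclypsium, Lenovo or the original article. It shows one way a defender could check a Linux host for the behaviour described above: a USB video device that also exposes keyboard or network interfaces. The sysfs files and USB class codes are standard; the sample bus paths and descriptors are constructed for illustration.

```python
import glob, os

VIDEO, HID, CDC, AUDIO = 0x0E, 0x03, 0x02, 0x01   # USB-IF base class codes
EXPECTED_ON_WEBCAM = {VIDEO, AUDIO}                # camera plus its microphone

def read_sysfs(root="/sys/bus/usb/devices"):
    """Collect {device: [(class, subclass, protocol), ...]} from Linux sysfs."""
    devices = {}
    for path in glob.glob(os.path.join(root, "*:*")):   # interface dirs, e.g. 1-2:1.0
        def field(name):
            with open(os.path.join(path, name)) as fh:
                return int(fh.read().strip(), 16)       # sysfs stores bare hex, e.g. "0e"
        dev = os.path.basename(path).split(":")[0]
        devices.setdefault(dev, []).append(
            (field("bInterfaceClass"), field("bInterfaceSubClass"),
             field("bInterfaceProtocol")))
    return devices

def audit(devices):
    """Return findings for video devices exposing interfaces a camera does not need."""
    findings = []
    for dev, interfaces in sorted(devices.items()):
        if VIDEO not in {cls for cls, _, _ in interfaces}:
            continue                                    # not a camera, out of scope
        for cls, sub, proto in interfaces:
            if cls in EXPECTED_ON_WEBCAM:
                continue
            if cls == HID and proto == 1:
                what = "HID boot keyboard (keystroke injection capable)"
            elif cls == HID:
                what = "HID interface"
            elif cls == CDC:
                what = "CDC communications interface (possible network adapter)"
            else:
                what = f"unexpected class 0x{cls:02x}"
            findings.append((dev, what))
    return findings

# Constructed sample: bus paths and descriptors are made up for illustration.
SAMPLE = {
    "1-1": [(0x0E, 0x01, 0x00), (0x0E, 0x02, 0x00), (0x01, 0x01, 0x00)],  # plain webcam
    "1-2": [(0x0E, 0x01, 0x00), (0x0E, 0x02, 0x00), (0x03, 0x01, 0x01)],  # webcam + keyboard
    "1-3": [(0x03, 0x01, 0x01)],                                          # ordinary keyboard
}

if __name__ == "__main__":
    for dev, what in audit(SAMPLE):   # use audit(read_sysfs()) on a live Linux host
        print(f"{dev}: video device also exposes {what}")
```

Some conferencing cameras legitimately expose a HID interface for buttons, so a finding is best compared against a known-good baseline of the same model rather than treated as proof of tampering.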



