Security Announcement: Monitoreal Firmware Update 2.1.0.

Our latest Monitoreal firmware release, version 2.1.0, brings a critical security enhancement that we strongly recommend all users install on their devices. In this update, we include important security improvements for all Monitoreal Hub owners.

Monitoreal Firmware 2.0

At Monitoreal, protecting our customers’ privacy and data is our highest priority. While our on-premises video security appliances are designed to be extremely safe when configured properly, we continuously perform rigorous internal testing – including penetration testing from local networks – to identify any potential vulnerabilities that could arise from device misconfigurations or improperly secured network environments.

During recent lab testing, our team identified a potential edge-case vulnerability that, under specific conditions, could allow an attacker with physical access to the local network, internal knowledge of that network, and access to one Monitoreal device to potentially attempt unauthorized management access to other Monitoreal devices on the same network. The mechanism involved intercepting and re-using a device authentication token.

It’s important to emphasize the following:

  • This issue was discovered internally in a controlled lab environment.
  • There is no evidence that it has ever been exploited in real-world deployments.
  • Exploitation requires local network access, technical skill, and a non-default network configuration that is not aligned with our recommended security practices.

Our engineering team has already developed a patch that fully mitigates the issue, and it is now available as part of a regular software update. We strongly recommend that all users update their devices to ensure they are running the latest version.

Monitoreal devices remain one of the most secure solutions available today. Because our systems operate fully on-premises, without reliance on cloud processing, they inherently reduce the attack surface and offer significantly stronger privacy guarantees than cloud-based alternatives.

We appreciate our customers’ continued trust and support. We remain committed to ongoing improvement, proactive testing, and delivering the most private and secure video security solutions on the market.

Find out more in the Release Notes, available here

 –  The Monitoreal Team