The manufacturer of an affordable doorbell camera has addressed security flaws that previously exposed users to potential spying.

Consumer Reports, which had initially cautioned against purchasing Eken Group’s cameras, has now retracted its advisory labels.

Eken Group has reportedly released a firmware update to address significant security concerns identified in its affordable doorbell cameras, as revealed by an investigation conducted by Consumer Reports earlier this year. These cameras, which utilize the Aiwit app, are marketed under various brand names such as Eken, Tuck, Fishbot, Rakeblue, Andoe, Gemee, and Luckwolf. Consumer Reports found during testing that these unencrypted cameras had the potential to expose sensitive data like home IP addresses and Wi-Fi networks, enabling unauthorized access to camera feeds using their serial numbers. Consumer Reports now confirms that these issues have been resolved — be sure to update your devices accordingly.

Devices from those brands should now show a firmware version of 2.4.1 or higher, indicating they’ve received the update. Consumer Reports notes that its own test samples received the update automatically, but it’s advisable to verify in your device settings, given the potential risks. The publication has verified that the update effectively addresses the security issues. Additionally, Eken informed Consumer Reports that the two doorbell cameras previously labeled as “Don’t Buy” — the Eken Smart Video Doorbell and Tuck Sharkpop Doorbell Camera — have been discontinued.

These doorbell cameras, previously available on major e-commerce platforms like Amazon, Walmart, and Temu, seem to have been removed from sale. They were found to lack the necessary FCC labeling. Eken Group assured Consumer Reports that future products will include these IDs. After testing the update, Consumer Reports has removed the warning labels from its scorecards.