I just stumbled across something interesting regarding novatek hacking:

CVE-2018-4018

Actually someone (Lilith from Cisco Talos) discovered a vulnerability in wifi enabled novatek dashcams.
You can read more details here:https://talosintelligence.com/vulner...ALOS-2018-0689

It even mentions the checksum cracking done by ntkcalc and packing via bfc4ntk

It's listed at MITRE and NIST:
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2018-4018
https://nvd.nist.gov/vuln/detail/CVE-2018-4018

According to their timeline, Novatek needs to know about the firmware hacking by now
2019-01-22 - TWNCERT contacted Novatek and advised Novatek will check emails for reports
2019-03-06 - 90+ day follow up - Talos asks TWNCERT for direct point of contact for Novatek
2019-03-27 - Talos sends follow up to TWNCERT
2019-04-02 - Talos sends copies of email correspondence and reports to TWNCERT
2019-04-18 - Suggested pubic disclosure date of 2019-05-13 (171 days after initial disclosure)
2019-04-19 - Vendor fixed issue and provided patch to their IDH

Have a nice day,
[email protected]