Parents, take note. Security company Rapid7 on Wednesday published(Opens in a new window) details on vulnerabilities it discovered in several baby monitors.

The company, which posted its report after alerting the affected vendors, claims that in some cases, a remote user can access a baby monitor and see live and recorded video collected from the cameras.

The findings illustrate the balance parents must consider as they think about baby monitors. On the one hand, the devices are useful, providing them a real-time view of what their child is doing in another room. On the other, they are often Web-connected, potentially allowing a malicious hacker to gain access and view their child from afar.

During the course of its study, Rapid7 examined devices from Philips, Lens, iBaby, and others. The company found that all of the devices it reviewed contained at least some sort of security issue. In the case of the iBaby, Rapid7 found that hackers could watch recorded video stored on the ibabycloud.com server. The Philips In.Sight B120/37 allowed hackers access to live video.

It’s worth noting that gaining access to the video isn’t so simple, as outlined in Rapid7’s step-by-step outline. What’s more, a hacker would need to actively work his or her way around the Web to find an exploitable camera.

To ease the concern, Rapid7 also provided ways to mitigate the security issues, though the company did say in some cases that customers will need to wait on firmware updates, like the one coming to the Philips device.

A Philips spokesperson told PCMag in a statement that a fix is in the works and will be released soon. It is also unaware of anyone falling victim to the hack:

“Philips has become aware of identified potential security vulnerabilities in a discontinued version of a product manufactured and sold by the company. This product category is now licensed to another company, Gibson Innovations, under the Philips brand name. Gibson Innovations is aware of the identified security vulnerabilities, and has been developing and implementing software updates for the affected discontinued version of the product. The software update is expected to be available to the general public by the first week of September 2015.

“As part of our Responsible Disclosure policy and processes, Philips has been in contact with both Gibson Innovations and the security research firm investigating this issue, to promptly and transparently address known and potential vulnerabilities in Philips products. Philips and Gibson Innovations are committed to ensuring the security and integrity of our products.”

Whilst the security vulnerabilities are a concern and are being addressed, at this time we are not aware of any consumers who have been directly affected by this issue.

iBaby did not immediately respond to a request for comment.