Researchers revealed 20 vulnerabilities in Samsung SmartThings Hub
If you are so inclined, you could connect all sorts of smart devices to the Samsung SmartThings Hub as a handy way to control them, but researchers revealed 20 vulnerabilities that could have allowed an attacker to remotely control devices connected to the hub.
Cisco Talos researchers revealed the 20 vulnerabilities that attackers could have exploited to unlock smart locks, remotely spy on people in their homes via IP cameras, disable motion detectors, control thermostats, control smart plugs to turn connected things off or on and even cause physical damage to appliances and devices connected to the smart plugs.
Those are but a few examples of what attackers could have remotely controlled as the Linux-based SmartThings Hub can communicate with all kinds of IoT devices such as those using Zigbee, Z-Wave, Ethernet and Bluetooth. Last week, Cisco Talos added, “Given that these devices often gather sensitive information, the discovered vulnerabilities could be leveraged to give an attacker the ability to obtain access to this information, monitor and control devices within the home, or otherwise perform unauthorized activities.”
The researchers admitted that some of the vulnerabilities would be challenging to exploit, but chained together the flaws could result in a “significant attack on the device.” They found “three notable chains, the last of which allows for remotely compromising the device without prior authentication.”
After describing the notable chains, the researchers discussed multiple attack vectors such as “anyone owning a valid OAuth bearer token, or the relative username and password pair to obtain it, can talk to the remote SmartThings servers as an authenticated user.”
The full list of the 20 identified bugs and a description of each can be found in the Cisco Talos blog post.
“While devices such as the SmartThings Hub are typically deployed to provide additional convenience and automation to users,” the researchers wrote, “special consideration must be made to ensure that they are configured securely, and updated when new firmware updates are made available by the manufacturer. Given that these devices can be deployed in many different scenarios, the impact of a successful attack against them could be severe.”
Cisco Talos did not go public with the vulnerabilities until Samsung had issued a patch for the SmartThings Hub V2. The new firmware was released on July 9. Samsung has been issuing statements to the public about taking “security very seriously” and designing its products and services “with security as a priority.” Samsung added that “all active SmartThings Hub V2 devices in the market are updated to date.”
The good news is that Samsung pushes out firmware updates automatically; even so, the researchers advised manually verifying that the updated version has been applied and that the devices are no longer vulnerable. You can check the firmware version from the SmartThings mobile app, the classic app, or the hub’s web console.