7
PSA: Older Wemo Smart Plugs Have Vulnerability That Leaves Them Open to Attack
source link: https://forums.macrumors.com/threads/psa-older-wemo-smart-plugs-have-vulnerability-that-leaves-them-open-to-attack.2389722/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
PSA: Older Wemo Smart Plugs Have Vulnerability That Leaves Them Open to Attack
Apr 12, 2001
60,161
24,536
Older Wemo smart plugs from Belkin have a vulnerability that allows them to be hacked, according to a blog post from security researchers at Sternum. The Wemo Mini Smart Plug V2 (model F7C063) from 2019 is vulnerable to a buffer overflow attack that can be used execute commands remotely.
Basically, the Wemo Mini Smart Plug V2 has a 30 character name limit that can be overwritten, leading to an exploitable memory buffer error. Full details on how the exploit works are available from Sternum.
Belkin told Sternum that it has no plans to update the Wemo Mini Smart Plug V2 because it is at the end of its life after four years and has been replaced with newer models. That leaves many potential Belkin customers vulnerable, as there are likely many of these smart plugs being used in the wild.
Sternum recommends that people prevent the Wemo Mini Smart Plug V2 from accessing the internet and communicating with other devices like the iPhone because of the vulnerability, but the safest bet would be to remove the plugs and replace them with something more secure.
Article Link: PSA: Older Wemo Smart Plugs Have Vulnerability That Leaves Them Open to Attack
Belkin told Sternum that it has no plans to update the Wemo Mini Smart Plug V2 because it is at the end of its life after four years and has been replaced with newer models. That leaves many potential Belkin customers vulnerable, as there are likely many of these smart plugs being used in the wild.
Sternum recommends that people prevent the Wemo Mini Smart Plug V2 from accessing the internet and communicating with other devices like the iPhone because of the vulnerability, but the safest bet would be to remove the plugs and replace them with something more secure.
Article Link: PSA: Older Wemo Smart Plugs Have Vulnerability That Leaves Them Open to Attack
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK