[ad_1]
Samsung has ended several serious vulnerabilities in the SmartThings Hub allowing a remote attacker to open smart door locks, disarm the motion detector of an alarm system or to see cameras in a house.
for 20 vulnerabilities discovered by Cisco researchers. The SmartThings Hub is a central control hub that manages various Internet-of-Things devices, such as smart plugs, lights, thermostats, cameras, and other devices that can be installed in a smart home. With the help of a smartphone, the user can connect to the SmartThings Hub and remotely control connected devices.
Cisco researchers discovered that it was possible for an attacker to execute remote code on the device. By linking different vulnerabilities, full system control could be achieved without any authentication. Among other things, by sending an http request to the hub and SQL injection, it was possible to abuse vulnerabilities.
On a scale of 1 to 10 in terms of severity of vulnerabilities, several vulnerabilities were evaluated at 9.9. After being notified, Samsung has released a firmware update for the device that is installed automatically. It is advisable to device users to check if they have also received the update.
Source link
