Bugs In Samsung IoT Hub Leave Smart Home Open To Attack

secwatcher writes from a report via Threatpost: Cisco Talos researchers found flaws located in Samsung's centralized controller, a component that connects to an array of IoT devices around the house -- from light bulbs, thermostats, and cameras. SmartThings Hub is one of several DIY home networking devices designed to allow homeowners to remotely manage and monitor digital devices. "Given that these devices often gather sensitive information, the discovered vulnerabilities could be leveraged to give an attacker the ability to obtain access to this information, monitor and control devices within the home, or otherwise perform unauthorized activities," researchers said in a report. Threatpost goes on to detail the "multiple attack chain scenarios." Thankfully, Samsung has since patched the bugs. "We are aware of the security vulnerabilities for SmartThings Hub V2 and released a patch for automatic update to address the issue," a Samsung spokesperson told Threatpost. "All active SmartThings Hub V2 devices in the market are updated to date." The company released a firmware advisory for Hub V2 devices on July 9th.

Still Smart?

[mentil]

An entity can only be tricked/subverted/exploited so many times before one has to stop calling it 'smart'.

The Day Smart Home Dies

[bankman]

I am so looking forward to the day insurance companies start inserting clauses that they won't cover smart home related cases, insisting that you have to prove your smart home devices weren't to blame for your insurance case. That's probably the only way the current idiotic trend can be averted.