Belkin Patches WeMo Home Automation Vulnerabilities

Belkin has an intriguing suite of WeMo-branded smart devices for home automation, including light switches, motion detectors, integration with appliances, and more, but security firm IOActive recently discovered multiple vulnerabilities in WeMo--vulnerabilities that Belkin says it has now patched.
 
Belkin’s statement on the subject reads in part:
Belkin has corrected the list of five potential vulnerabilities affecting the WeMo line of home automation solutions that was published in a CERT advisory on February 18. Belkin was in contact with the security researchers prior to the publication of the advisory, and, as of February 18, had already issued fixes for each of the noted potential vulnerabilities via in-app notifications and updates. 
 
The most recent firmware update resolves the issues, which included the ability for a hacker to snag cryptographic keys and passwords, the ability to hack one WeMo device from another, an XML injection vulnerability, and a lack of SSL integrity.

 

Comments (0)

This post does not have any comments. Be the first to leave a comment below.


Post A Comment

You must be logged in before you can post a comment. Login now.

Featured Product

Luxul - Not just a router, it's EPIC

Luxul - Not just a router, it's EPIC

The network is the foundation on which modern entertainment, security, control and automation systems are built. The new Epic series of routers from Luxul are designed to help integration professionals build that foundation and deliver a great customer experience. The router is a critical piece of every network-connecting a local network to the Internet, controlling traffic and providing security. With the release of its new Epic series, Luxul has redefined the router, adding capabilities that make it far more than just a traditional router. In addition to being high-performing commercial grade routers, the Epic series offers a platform for optimizing the user experience in smart homes, workplaces, retail establishments and more. This experience is delivered through Luxul and third-party applications running on the Epic platform.