Belkin Patches WeMo Home Automation Vulnerabilities

Belkin has an intriguing suite of WeMo-branded smart devices for home automation, including light switches, motion detectors, integration with appliances, and more, but security firm IOActive recently discovered multiple vulnerabilities in WeMo--vulnerabilities that Belkin says it has now patched.
 
Belkin’s statement on the subject reads in part:
Belkin has corrected the list of five potential vulnerabilities affecting the WeMo line of home automation solutions that was published in a CERT advisory on February 18. Belkin was in contact with the security researchers prior to the publication of the advisory, and, as of February 18, had already issued fixes for each of the noted potential vulnerabilities via in-app notifications and updates. 
 
The most recent firmware update resolves the issues, which included the ability for a hacker to snag cryptographic keys and passwords, the ability to hack one WeMo device from another, an XML injection vulnerability, and a lack of SSL integrity.

 

Comments (0)

This post does not have any comments. Be the first to leave a comment below.


Post A Comment

You must be logged in before you can post a comment. Login now.

Featured Product

ELK Products -M1 GOLD with Two-Way Wireless

ELK Products -M1 GOLD with Two-Way Wireless

The M1 Gold Security & Automation Control combines security, fire, energy management, lighting, and access control to provide total control of the home. Easily integrating with products of industry partner manufacturers, M1 controls offer a truly customized solution. With remote access capabilities and simple, user-friendly interfaces, M1 keeps homeowners informed and in control, anytime, anywhere! ELK's Two-Way Wireless family of products for the M1 offers a truly secure and reliable wireless solution with cutting edge techniques such as frequency hopping and UL approved jamming detection to defend against interference, hacking, and jamming. Advanced features ensure reliability, extend battery life, and provide innovative security enhancements including wirelessly interconnected smoke detectors, motion detectors with built-in security/convenience lights, and key fobs with a system status inquiry button, allowing users to see if an alarm has been activated before entering the home.