When the Lights Go Out: Cracking the Sonoff / eWeLink Platforms
December 14, 2020
Smart lighting and automation have opened up tremendous opportunities in residential architecture and design. Whether in plain sight or hidden under drywall, these convenient and relatively inexpensive intelligent outlets and switches can act as a entry points for bad actors or can be hijacked for fun and profit.
This is the case with a vulnerability discovered in the ITEAD Sonoff / eWeLink platform-as-a-service that manages remote control and connectivity between smart switches, relays, or outlets and the software applications controlling them.
Using this vulnerability, a potential attacker can gain control of random devices and remotely access any functionality they offer.
If you want to learn more, please download the full whitepaper below:
Our researchers are regularly inspecting IoT devices and platforms to identify vulnerabilities and develop new mitigations in the Bitdefender IoT Security Platform. This vulnerability was responsibly disclosed by Bitdefender to the affected vendor and the issue has already been fixed.
tags
Author
Information security professional. Living my second childhood at @Bitdefender as director of threat research.
View all postsRight now Top posts
Infected Minecraft Mods Lead to Multi-Stage, Multi-Platform Infostealer Malware
June 08, 2023
Vulnerabilities identified in Amazon Fire TV Stick, Insignia FireOS TV Series
May 02, 2023
EyeSpy - Iranian Spyware Delivered in VPN Installers
January 11, 2023
Bitdefender Partnership with Law Enforcement Yields MegaCortex Decryptor
January 05, 2023
FOLLOW US ON SOCIAL MEDIA
You might also like
Bookmarks
