The thing about connected objects like smart locks, smart thermostats, smart bulbs, and etc. is that when it comes to the security of these devices, there isn’t exactly an established standard yet, meaning that while some products might be harder to hack, others could have left themselves wide open.
That being said, security researchers over at Rapid7 have recently discovered a security flaw in Osram’s smart lightbulbs. Basically if this flaw were to be exploited by a hacker, they could gain access to the user’s home or enterprise networks, and in a worst-case-scenario, would allow the hacker to take control of a product to launch attacks against a browser, thus leading to browser-based attacks.
It also seems that it would allow the hacker to crack the user’s WiFi password within minutes, and given our penchant for reusing passwords, it could also potentially clue the hacker in regarding our passwords on other sites and services. Osram has yet to comment on the flaws that were recently made public.
However according to Deral Heiland, principal security consultant at security firm Rapid7, he claims that Osram has indicated to him that the next round of patches should fix the major flaws, save for two lesser flaws which presumably will be patched at a later date.
Filed in Connected Objects, IoT (Internet of Things) and Security.
. Read more about