Connected Home Hubs Open Houses to Full Remote Takeover
According to researchers at ESET, three different connected home hub systems, Fibaro Home Center Lite, Homematic Central Control Unit, and Elko’s eLAN-RF-003 contain serious bugs that could allow for unauthenticated remote code execution (RCE) as well as information disclosure and man-in-the-middle attacks. The home hubs are used to connect to smart devices such as IP cameras, appliances, doorbells, TVs, Google Homes, and personal devices.
ESET stated in a report published on Tuesday that an attacker who is able to compromise one of the hubs may gain full access to all of the smart devices connected to it. This could also impact businesses as more people are working from home to combat the COIVD-19 outbreak. the flaws were disclosed by ESET this week, however, most of them were fixed in previous updates. They continue to impact a number of IoT devices due to the fact that customers do not update device firmware very often.