Latest in Gear

Image credit: Samsung

Samsung patches multiple SmartThings Hub security flaws

Hackers could have exploited the vulnerabilities to control devices connected to the hub.
343 Shares
Share
Tweet
Share
Save

Sponsored Links

Samsung

Samsung's SmartThings hub suffered from 20 vulnerabilities that could have allowed attackers to control the internet-of-things devices connected to it. Thankfully, security intelligence firm Cisco Talos discovered the flaws and worked with the Korean company to resolve the issues, allowing Samsung to release a firmware update that patches them for all affected customers. Talos admits in its report that some of the vulnerabilities would've been difficult to exploit, but attackers can combine several at once to launch a "significant attack on the device."

While the hub may not have access to credit card and bank account numbers, hackers could have taken advantage of the flaws to disable smart locks and gain physical entry to people's homes, for instance, or to take command of nanny cams and CCTVs to monitor a house's occupants or an establishment's activities. They could've used the flaws to disable motion and alarm systems or even to damage appliances connected to the hub.

Despite the multiple vulnerabilities, Talos praised the company for working to resolve the situation after being informed. Craig Williams, Director of Cisco Talos Outreach, told ZDNet that Samsung "did a lot of things right and should be commended for the way [it] designed [its] devices to be easily updated." He added "Every piece of software from every vendor has bugs if you look closely enough." A Samsung spokesperson also told the publication that it had already released an automatic update to fix all the flaws Talos found and "all active SmartThings Hub V2 devices in the market are updated to date."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
343 Shares
Share
Tweet
Share
Save

Popular on Engadget

The best mobile devices for students

The best mobile devices for students

View
Porsche streamlines the Taycan EV’s infotainment system

Porsche streamlines the Taycan EV’s infotainment system

View
Lenovo’s Smart Clock becomes a more capable home hub

Lenovo’s Smart Clock becomes a more capable home hub

View
Wirecutter's best deals: Save $60 on an Acer Chromebook 11

Wirecutter's best deals: Save $60 on an Acer Chromebook 11

View
Samsung Galaxy Note 10+ review: Weird, but in a good way

Samsung Galaxy Note 10+ review: Weird, but in a good way

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr