Latest in Gear

Image credit: NurPhoto via Getty Images

Networked freezers at grocery stores are vulnerable to hacking

Default passwords make it easy to hijack the appliances.
1104 Shares
Share
Tweet
Share
Save

Sponsored Links

NurPhoto via Getty Images

Security researchers at Safety Detective revealed vulnerabilities in the temperature control systems found in freezers that could allow an attacker to hijack the devices and destroy its contents. The security hole, which stems from weak passwords, affect internet-connected thermostats manufactured by Resource Data Management (RDM). The company's products are used by grocery stores, hospitals pharmaceutical firms, among others.

The researchers used Shodan, an internet search engine that shows specific devices connected to the internet, to find more 7,419 RDM products suffering from the vulnerability, many of which control multiple devices. Most of the thermostats are still using the default password, which makes them incredibly easy for an attacker to gain control of. Once a malicious actor hijacks the device, they are able to adjust temperatures, change alarms and obtain floor plans of facilities where the freezers are located.

Unfortunately, much like the issue that is plaguing Nest cameras at the moment, the issue with RDM's products comes from users failing to follow the necessary steps to secure their products. When approached by Safety Detective about the issue, RDM said the issue is related to the use of default passwords and users are encouraged to change them. Of course, companies could take action to force users to set up new passwords rather than rely on them to take action on their own, but for now, the firm is passing the blame onto users.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
1104 Shares
Share
Tweet
Share
Save

Popular on Engadget

YouTube Originals will be free to watch starting on September 24th

YouTube Originals will be free to watch starting on September 24th

View
Nintendo will replace a newly purchased Switch with newer model

Nintendo will replace a newly purchased Switch with newer model

View
Google pulls 85 Android apps with particularly obnoxious adware

Google pulls 85 Android apps with particularly obnoxious adware

View
24 hours with the Samsung Galaxy Note 10+

24 hours with the Samsung Galaxy Note 10+

View
A popular immigration bill is bad news for US esports

A popular immigration bill is bad news for US esports

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr