acm-header
Sign In

Communications of the ACM

ACM TechNews

Billions of Smart Home Devices Open to Attack


View as: Print Mobile App Share:
Controlling smart home devices.

A security professional found a vulnerability in the Universal Plug and Play networking protocol that could expose billions of smart home devices to cyberattack.

Credit: Shutterstock

Security professional Yunus Cadirci discovered a vulnerability in the Universal Plug and Play (UPnP) networking protocol that could expose billions of smart home devices to cyberattack.

As explained on a dedicated website, the CallStranger bug's use for exflitration mainly impacts corporate networks, while the network-scanning and DDoS exploits target consumer Internet of Things devices.

Cadirci thinks the flaw could affect billions of devices, as it extends to Windows devices, Xboxes, and most TVs and routers.

Since he reported CallStranger to the UPnP-maintaining Open Connectivity Foundation, the group has published updates for the protocol.

Cadirci recommends consumers disable UPnP on their home Wi-Fi router, and he has posted a Python script on GitHub to let users scan their local network for susceptible devices.

From Tom's Guide
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account