惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

大猫的无限游戏
大猫的无限游戏
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Threat Research - Cisco Blogs
A
Arctic Wolf
S
Securelist
O
OpenAI News
T
Threatpost
Forbes - Security
Forbes - Security
N
News and Events Feed by Topic
S
Secure Thoughts
H
Heimdal Security Blog
S
Security Affairs
P
Privacy International News Feed
C
Cisco Blogs
C
CERT Recently Published Vulnerability Notes
Cyberwarzone
Cyberwarzone
N
News and Events Feed by Topic
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
P
Palo Alto Networks Blog
S
Security @ Cisco Blogs
Hacker News - Newest:
Hacker News - Newest: "LLM"
博客园 - 三生石上(FineUI控件)
月光博客
月光博客
T
Tailwind CSS Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Hacker News: Ask HN
Hacker News: Ask HN
T
Troy Hunt's Blog
S
SegmentFault 最新的问题
腾讯CDC
V
Visual Studio Blog
Last Week in AI
Last Week in AI
H
Hacker News: Front Page
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Project Zero
Project Zero
WordPress大学
WordPress大学
NISL@THU
NISL@THU
博客园 - 【当耐特】
博客园 - Franky
Webroot Blog
Webroot Blog
博客园_首页
T
Tenable Blog
雷峰网
雷峰网
Google Online Security Blog
Google Online Security Blog
阮一峰的网络日志
阮一峰的网络日志
V2EX - 技术
V2EX - 技术
Recent Commits to openclaw:main
Recent Commits to openclaw:main
L
Lohrmann on Cybersecurity
The Hacker News
The Hacker News

hackers Archives - VICE

Hackers Are Spreading Malware Through LinkedIn Comments Now Feds Want to Ban the World’s Cutest Hacking Device. Experts Say It's a ‘Scapegoat’ Hackers Took Over Transit Ads with Messages from Queer Palestinians in Gaza ‘Windows for Gamers’ Rolls Dice With Your Security Senator Asks Big Banks How They're Going to Stop AI Cloned Voices From Breaking Into Accounts The Car Thieves Using Tech Disguised Inside Old Nokia Phones and Bluetooth Speakers Smart Garage Company Fixes Vulnerability by Breaking Customers' Devices The Cure Tried to Stop Scalpers. Brokers Are Selling Entire Ticketmaster Accounts Instead Inside the DEA Tool Hackers Allegedly Used to Extort Targets
Hackers Can Remotely Open Smart Garage Doors Across the World
Joseph Cox · 2023-04-04 · via hackers Archives - VICE

Hackers can remotely tap into a particular brand of smart garage door opener controllers and open them across the world due to a series of security vulnerabilities that the brand, called Nexx, has declined to fix, according to findings from a security researcher. 

The vulnerabilities pose a serious risk to users of Nexx, which offers a wi-fi enabled garage door opener controllers among other products. The researcher who discovered the issue says that Nexx has not responded to their attempts to responsibly report the vulnerabilities for months, according to a copy of an email shared with Motherboard.

Videos by VICE

“Completely remote. Anywhere in the world,” Sam Sabetan, the security researcher, told Motherboard, describing the hack.

Have you discovered any other serious vulnerabilities? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email joseph.cox@vice.com.

Nexx says it sells “Easy-to-use products that work with things you already own.” Its garage product connects to a person’s existing garage door opener and allows them to activate it remotely through a smartphone app. “Life is complicated enough. Remembering whether or not you left your garage door open should be the least of your worries: Get peace of mind,” the company advertises on its website. Nexx has run campaigns on Kickstarter.

Sabtean made a video proof-of-concept of the hack. It shows him fist opening his own garage door as expected with the Nexx app. He then logs into a tool to view messages sent by the Nexx device. Sabetan closes the door with the app, and captures the data the device sends to Nexx’s server during this action.

With that, Sabetan doesn’t just receive information about his own device, but messages from 558 other devices that aren’t his. He is now able to see the device ID, email address, and name linked to each, according to the video.

Sabetan then replays a command back to the garage through the software—rather than the app—and his door opens once again. Sabetan only tested this on his own garage door, but he could have remotely opened other users’ garage doors with this technique.

Sabetan told Motherboard he could open doors “for any customer.”

“That’s the craziest bug. But the disabling alarm and turning on [and] off smart plugs is pretty neat too,” he added, referring to another Nexx product that allows users to control power outlets in their home.

The consequences of someone weaponzing these vulnerabilities are wide ranging and potentially a real security threat for Nexx’s customers. A hacker could open Nexx doors around the world at random, exposing their garage contents and perhaps their homes to opportunistic thieves. Pets might escape. Or customers might just get very annoyed at someone opening and closing their property with no idea of why it was happening. In more extreme cases, a hacker could use the vulnerabilities as part of a targeted attack against a particular garage that used Nexx’s security system.

Sabetan and Motherboard have repeatedly tried to contact Nexx about the issues. Sabetan said the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) told him it had attempted contact too. The company has failed to reply or fix the vulnerabilities. This means the security vulnerabilities are still available to hackers who may wish to abuse them. For that reason, Motherboard is not describing them in great detail and instead focusing on their impact to consumers. CISA published its own advisory about the security issues on Tuesday.

It appears Nexx is actively ignoring at least some inquiries trying to warn them of the vulnerabilities. After Nexx’s support email did not respond to his vulnerability report, Sabetan contacted Nexx’s support again, this time saying he was looking for help with his own Nexx product.

That time, Nexx’s support staff replied, according to a copy of the email Sabetan shared with Motherboard.

“Great to know your support is alive and well and that I’ve been ignored for two months,” Sabetan replied. Please respond to ticket [ticket number,” he wrote, referring to his vulnerability report.

Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.