Older Wemo smart plugs from Belkin have a vulnerability that allows them to be hacked, according to a blog post from security researchers at Sternum. The Wemo Mini Smart Plug
Older Wemo smart plugs from Belkin have a vulnerability that allows them to be hacked, according to a blog post from security researchers at Sternum. The Wemo Mini Smart Plug V2 (model F7C063) from 2019 is vulnerable to a buffer overflow attack that can be used execute commands remotely.


Basically, the Wemo Mini Smart Plug V2 has a 30 character name limit that can be overwritten, leading to an exploitable memory buffer error. Full details on how the exploit works are available from Sternum.

Belkin told Sternum that it has no plans to update the Wemo Mini Smart Plug V2 because it is at the end of its life after four years and has been replaced with newer models. That leaves many potential Belkin customers vulnerable, as there are likely many of these smart plugs being used in the wild.

Sternum recommends that people prevent the Wemo Mini Smart Plug V2 from accessing the internet and communicating with other devices like the iPhone because of the vulnerability, but the safest bet would be to remove the plugs and replace them with something more secure.
Tags: Belkin, Wemo

This article, "PSA: Older Wemo Smart Plugs Have Vulnerability That Leaves Them Open to Attack" first appeared on MacRumors.com

Discuss this article in our forums

original link


You may also be interested in this

Apple’s free GarageBand i…

With Apple’s free GarageBand app, you can start making professional‑sounding music right away. Plug in your guitar or mic and choose from a jaw‑dropping array of realistic amps and effects.

Truth Social to launch st…

Trump Media & Technology Group’s Truth Social Trump Media & Technology Group Corp., operator of the social media platform Truth Social, announced today that after six months of testing on

Samsung to break Sony’s i…

The upcoming iPhone 16 Pro Max is rumored to feature Sony’s advanced 48MP Exmor IMX903 sensor. This new sensor boasts double-layer transistors and a larger size compared to its predecessor

2023 Apple Design Award W…

Apple has announced the apps and games that are receiving a 2023 Apple Design Award for outstanding app design, innovation, ingenuity, and technical achievement, with winners that include Afterplace, Flighty,

Apple Still Hasn’t …

Coming away from all the press coverage and the demonstration videos that Apple released for its Vision Pro headset, most people would be forgiven for not realizing that there is

Hands-on: iOS 17 adds int…

One of the big changes in iOS 17 is support for interactive widgets, a major improvement compared to the initial version of widgets that debuted with iOS 14. In line

Amazon releases four new …

On top of trumpeting about a half-billion Alexa devices sold, Amazon has unveiled a fresh collection of Echo devices, including the Echo Pop, Echo Show 5, Echo Show 5 Kids,

Today only: 16-inch MacBo…

For 24 hours only, B&H Photo has shaved $1,700 off Apple's loaded M1 Max MacBook Pro 16-inch featuring 64GB of memory and a whopping 4TB of storage.Today's DealZone features the
X

A whimsical homage to the days in black and white, celebrating the magic of Mac OS. Dress up your blog with retro, chunky-grade pixellated graphics to evoke some serious computer nostalgia. Supports a custom menu, custom header image, custom background, two footer widget areas, and a full-width page template. I updated Stuart Brown's 2011 masterpiece to meet the needs of the times, made it responsive , got dark mode, custom search widget and more.You can download it from tigaman.com, where you can also find more useful code snippets and plugins to get even more out of wordpress.