Connect with us

Hi, what are you looking for?

Tech News

PSA: time to recycle your old Wemo smart plugs (if you haven’t already)

A Wemo Smart Plug Mini, front view
The Wemo Smart Plug Mini V2’s security flaw will not be fixed. | Photo by Amelia Holowaty Krales / The Verge

Security researchers at Sternum report they’ve found an exploitable vulnerability in the Wemo Smart Plug Mini V2 (via 9to5Mac). The plug debuted in 2019, offering cross-platform compatibility with Apple HomeKit, Google Assistant, and Alexa.

The bug would let a savvy hacker gain remote command of your Wemo plug by circumventing the Wemo app with a community-made Python app called PyWeMo. Once connected, an attacker can change the device name to something with more than 30 characters, resulting in a buffer overflow that allows the attacker to inject commands remotely.

When Sternum disclosed the vulnerability to Belkin, it was told that since the device was at the end of its life, it would not be receiving a fix. Sternum then reported the…

Continue reading…

Join The Exclusive Subscription Today And Get Premium Articles For Free
Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

You May Also Like

Editor's Pick

Marc Joffe Each April, USAFacts, a not‐​for‐​profit information provider founded by former Microsoft CEO Steve Ballmer, issues a report on the condition of US federal, state,...

Editor's Pick

Adam N. Michel As Congress searches for policies to meet our current economic challenges, maintaining full expensing—which has begun to phase out—should be top...

Editor's Pick

(This is the last installment of a three-part essay. The other parts are here and here.) A Capital Bank As its title suggests, the...

Editor's Pick

Marc Joffe Federal, state, and local governments are being called upon to support struggling transit agencies to meet climate change goals. But spending money...