These vulnerabilities were discovered by Claudio Bozzato of Cisco Talos.
Cisco Talos recently discovered several vulnerabilities present within the firmware of the Samsung SmartThings Hub. In accordance with our coordinated disclosure policy, Cisco Talos has worked with Samsung to ensure that these issues have been resolved and that a firmware update has been made available for affected customers. These vulnerabilities could allow an attacker to execute OS commands or other arbitrary code on affected devices.
The SmartThings Hub is a central controller that monitors and manages various internet-of-things (IoT) devices such as smart plugs, LED light bulbs, thermostats, cameras, and more that would typically be deployed in a smart home. The SmartThings Hub functions as a centralized controller for these devices and allows users to remotely connect to and manage these devices using a smartphone. The firmware running on the SmartThings Hub is Linux-based and allows for communications with IoT devices using a variety of different technologies such as Ethernet, Zigbee, Z-Wave and Bluetooth.
Given that these devices often gather sensitive information, the discovered vulnerabilities could be leveraged to give an attacker the ability to obtain access to this information, monitor and control devices within the home, or otherwise perform unauthorized activities. Some example scenarios are listed below:
- Smart locks controlled by the SmartThings Hub could be unlocked, allowing for physical access to the home.
- Cameras deployed within the home could be used to remotely monitor occupants.
- The motion detectors used by the home alarm system could be disabled.
- Smart plugs could be controlled to turn off or on different things that may be connected.
- Thermostats could be controlled by unauthorized attackers.
- Attackers could cause physical damage to appliances or other devices that may be connected to smart plugs deployed within the smart home.
Given the wide range of possible deployments of these devices, this is not a complete list of different scenarios. Cisco Talos recommends ensuring that affected SmartThings Hubs are updated to the latest version of firmware to ensure that these vulnerabilities are addressed.