Friday, April 7, 2023

Critical vulnerabilities in Nexx smart home devices

Nexx makes a series of smart home devices that do things like garage door openers and security alarms.  It turns out that they have multiple security flaws that could be exploited to, well, open your garage door and turn off your security alarms. 

Even worse, they ignored the security researcher that discovered these flaws.  He notified the US Government Cybersecurity and Infrastructure Security Agency (CISA), who also told them.  

** crickets **

So they went public with a "these devices are well and truly screwed" announcement.  Oops.  If you have any of these things, the recommendation is to unplug them tout suite.

Yes, security is hard.  But it's even harder when you won't listen to folks who are trying to help you fix your security.

3 comments:

Old NFO said...

Another reason NOT to have a smart home...

danielbarger said...

Security for the Internet Of Things costs money.
Spending money cuts into profits for executives.
Thus money is not and likely never will be spent.
Understand this and plan accordingly. The only
person actually responsible for your security is
you. That applies not just to home invasion but
to hacking.

Art said...

Wasn't it you, Borepatch, who quipped "security was not even an afterthought; it was a never thought"?