Privacy, Threat Management

No fix for garage door bug that allows attackers to open door, manipulate alarm and meddle with smart plugs

A security researcher named Sam Sabetan had already reported the security vulnerabilities he had found in some Nexx products, but the company refused to address the issue, SecurityWeek reports. Sabetan found the bugs last year and disclosed details about them earlier this week. Most of these bugs are of high or critical severity ratings and could let threat actors remotely open garage doors and hijack alarms and smart plugs. The U.S. Cybersecurity and Infrastructure Security Agency said Nexx also ignored its attempts to report the bugs. The agency simultaneously rolled out an advisory warning potential victims about the threat. It is estimated that over 40,000 devices, located in both residential and commercial properties, are impacted. Furthermore, I determined that more than 20,000 individuals have active Nexx accounts, Sabetan explained. Hackers only require a targeted user's name, email address, device ID, or MAC address in order to launch successful attacks using the bugs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.