Security Architecture, Endpoint/Device Security, IoT, Network Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Bugged Microwave? More like hacked dishwashers

A German researcher spotted a flaw in a networked dishwasher that could allow an attacker to access sensitive information on the appliance's network.

German security researcher Jens Regel spotted the web server security flaw in a Miele Professional PG 8528, a commercial dishwashers with IoT capabilities. If exploited the vulnerability could allow an attacker to access the appliance's embedded web server that is always connected to port 80, according to a March 24 Seclist Full Disclosure.

The bug could be exploited by an unauthenticated attacker in order to access sensitive information on the network to use in subsequent attacks. The vulnerability was discovered in November 2016 and the vendor was contacted shortly after its discovery.  The researcher asked for an update on two occasions and has yet to receive a response.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.