Your Bosch smart thermostat may not be as smart as you thought. This vulnerability allows hackers to install malicious updates and more, so patch now
Your Bosch smart thermostat could be hacked and used by threat actors for a wide range of malicious activities, researchers warn.
Cybersecurity experts from Bitdefender have published a new one report in which they discovered in detail a vulnerability in the Bosch BCC100 thermostat for versions SW 1.7.0 – HD 4.13.22. In the report, they said that the device has two microcontrollers, one that provides Wi-Fi functionality and one that provides the main function of the thermostat. The one with the Wi-Fi functionality listens to TCP port 8899 on LAN and mirrors any message received on that port directly to the main microcontroller, via the UART data bus.
“This means that, if formatted correctly, the microcontroller cannot distinguish malicious messages from genuine messages sent by the cloud server,” the researchers explain. “This allows an attacker to send commands to the thermostat, including writing a malicious update to the device.”
Defending a smart home
By overwriting the device’s firmware with a malicious version built by the hackers, the thermostat can be used for various purposes, from listening to the communications passing through the device, stealing credentials, moving it to other devices and more.
While smart home devices offer great convenience, they also pose a major risk factor, experts say. To protect the home from prying eyes, homeowners should first of all “keep a close eye on IoT devices and isolate them from the local network as completely as possible,” they say.
“This can be done by setting up a dedicated network exclusively for IoT devices.”
Additionally, homeowners can use cybersecurity solutions built for the smart home to scan for connected devices and identify and flag potentially vulnerable devices. “Owners of IoT devices should also check for newer firmware and update devices as soon as the vendor releases new versions,” concludes Bitdefender.
Finally, it can also help to have a network cybersecurity solution built right into the router.