PSA: Older Wemo Smart Plugs Have Vulnerability That Leaves Them Open to Attack
Older Wemo smart plugs from Belkin have a vulnerability that allows them to be hacked, according to a blog post from security researchers at Sternum. The Wemo Mini Smart Plug V2 (model F7C063) from 2019 is vulnerable to a buffer overflow attack that can be used execute commands remotely.
Basically, the Wemo Mini Smart Plug V2 has a 30 character name limit that can be overwritten, leading to an exploitable memory buffer error. Full details on how the exploit works are available from Sternum.
Belkin told Sternum that it has no plans to update the Wemo Mini Smart Plug V2 because it is at the end of its life after four years and has been replaced with newer models. That leaves many potential Belkin customers vulnerable, as there are likely many of these smart plugs being used in the wild.
Sternum recommends that people prevent the Wemo Mini Smart Plug V2 from accessing the internet and communicating with other devices like the iPhone because of the vulnerability, but the safest bet would be to remove the plugs and replace them with something more secure.
Popular Stories
Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google's and Apple's servers, a US senator warned on Wednesday (via Reuters). In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from the tech giants to track smartphones. The traffic flowing from apps that send push notifications...
Best Buy's month-long holiday sale continues this weekend with multiple all-time low prices on Apple's line of MacBook Pro and MacBook Air computers. In addition to Apple notebooks, Best Buy's event has discounts sitewide on home appliances, TVs, video games, and more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive...
iOS 17.2 has been in beta testing for over a month, and it should be released to all users in a few more weeks. The software update includes many new features and changes for iPhones, including the dozen that we have highlighted below. iOS 17.2 is expected to be released to the public in mid-December. To learn about even more features coming in the update, check out our full list. Journal ...
Apple appears to have closed the loophole that Beeper Mini used to bring iMessage to Android, putting a stop to blue bubbles from Android devices. Beeper Mini quit working earlier today, with users receiving "failed to lookup on server: lookup request timed out" error messages. Beeper said on Twitter that it is investigating the issue, but Beeper CEO Eric Migicovsky told TechCrunch that "all ...
Apple's iPhone 15 lineup came out in September, and while most reviews are done shortly after a new device launches, we like to follow up with a longer term review that gives us an opportunity to provide a deeper dive into what it's like using these phones on a day to day basis for months. Subscribe to the MacRumors YouTube channel for more videos. MacRumors videographer Dan Barbera has been...
Amazon has a few big discounts on Apple Watch today, headlined by a new all-time low price on the Apple Watch Ultra 2. Many of these watches can be delivered by Christmas, with delivery dates around the middle of next week for most models. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site ...
Recently, MacRumors has received details on the battery currently being tested on the upcoming fourth-generation iPhone SE, and the information corroborates previous findings in relation to the device. The iPhone SE 4, known by its device identifier D59, is expected to use the exact same battery found in the base model iPhone 14. Partially assembled prototypes of the next iPhone SE have been ...
Apple made the first beta of iOS 17.2 available to developers in October. Since then we've seen three more betas, and with each iteration Apple continues to add more new features and changes, many of which users have been anticipating for quite a while. Below, we've listed 35 new things that are coming to your iPhone when the finalized version is publicly released in mid-December. 1....
Top Rated Comments
What a terrible policy/response.
?
What a lazy response “it’s 4 years so we decided screw customers we can’t write software for something you paid for.”
Contributing to more unnecessary e-waste.
I’d happily go back to just using regular switches if, in exchange, all companies like this could just be out out of business.