PSA: Older Wemo Smart Plugs Have Vulnerability That Leaves Them Open to Attack

by

Older Wemo smart plugs from Belkin have a vulnerability that allows them to be hacked, according to a blog post from security researchers at Sternum. The Wemo Mini Smart Plug V2 (model F7C063) from 2019 is vulnerable to a buffer overflow attack that can be used execute commands remotely.

belkin wemo v2 mini
Basically, the Wemo Mini Smart Plug V2 has a 30 character name limit that can be overwritten, leading to an exploitable memory buffer error. Full details on how the exploit works are available from Sternum.

Belkin told Sternum that it has no plans to update the Wemo Mini Smart Plug V2 because it is at the end of its life after four years and has been replaced with newer models. That leaves many potential Belkin customers vulnerable, as there are likely many of these smart plugs being used in the wild.

Sternum recommends that people prevent the Wemo Mini Smart Plug V2 from accessing the internet and communicating with other devices like the iPhone because of the vulnerability, but the safest bet would be to remove the plugs and replace them with something more secure.

Tags: Belkin, Wemo

Top Rated Comments

bottsjw Avatar
bottsjw
12 months ago
Yup. Belkin just lost my future business.
What a terrible policy/response.
?
Score: 67 Votes (Like | Disagree)
BBCWatcher Avatar
BBCWatcher
12 months ago
If you bought this product the first day it was available it’s 4 years old. If you were an average buyer it’s about 3 years old. And now Belkin has declared it e-waste because it was defective from the start, and they can’t be bothered to fix it. Thanks to Belkin for helping to destroy the planet faster.☹️
Score: 46 Votes (Like | Disagree)
mlrproducts Avatar
mlrproducts
12 months ago
As someone affected Belkin is off my list.

What a lazy response “it’s 4 years so we decided screw customers we can’t write software for something you paid for.”

Contributing to more unnecessary e-waste.

I’d happily go back to just using regular switches if, in exchange, all companies like this could just be out out of business.
Score: 39 Votes (Like | Disagree)
Nermal Avatar
Nermal
12 months ago
As others have said, that's pretty pathetic. Normal switches easily last for decades, so "killing" one after just four years is incredible.
Score: 33 Votes (Like | Disagree)
rtkane Avatar
rtkane
12 months ago
WHOEVER IS DOING THIS TO ME PLEASE STOP.



Attachment Image
Score: 33 Votes (Like | Disagree)
Rafterman Avatar
Rafterman
12 months ago
Yeah, they might switch your lamp on and off to annoy you :)
Score: 29 Votes (Like | Disagree)
Read All Comments

Popular Stories

Delta Feature

Delta Game Emulator Now Available From App Store on iPhone

Wednesday April 17, 2024 9:58 am PDT by
Game emulator apps have come and gone since Apple announced App Store support for them on April 5, but now popular game emulator Delta from developer Riley Testut is available for download. Testut is known as the developer behind GBA4iOS, an open-source emulator that was available for a brief time more than a decade ago. GBA4iOS led to Delta, an emulator that has been available outside of...
Read Full Article190 comments
iPhone 15 Pro Action Button Translate

All iPhone 16 Models to Feature Action Button, But Usefulness Debated

Tuesday April 16, 2024 6:54 am PDT by
Last September, Apple's iPhone 15 Pro models debuted with a new customizable Action button, offering faster access to a handful of functions, as well as the ability to assign Shortcuts. Apple is poised to include the feature on all upcoming iPhone 16 models, so we asked iPhone 15 Pro users what their experience has been with the additional button so far. The Action button replaces the switch ...
Read Full Article104 comments
maxresdefault

Hands-On With the New App Store Delta Game Emulator

Wednesday April 17, 2024 12:19 pm PDT by
A decade ago, developer Riley Testut released the GBA4iOS emulator for iOS, and since it was against the rules at the time, Apple put a stop to downloads. Emulators have been a violation of the App Store rules for years, but that changed on April 5 when Apple suddenly reversed course and said that it was allowing retro game emulators on the App Store. Subscribe to the MacRumors YouTube channel ...
Read Full Article224 comments
iOS NES Emulator Bimmy Feature

NES Emulator for iPhone and iPad Now Available on App Store [Removed]

Tuesday April 16, 2024 11:33 am PDT by
The first approved Nintendo Entertainment System (NES) emulator for the iPhone and iPad was made available on the App Store today following Apple's rule change. The emulator is called Bimmy, and it was developed by Tom Salvo. On the App Store, Bimmy is described as a tool for testing and playing public domain/"homebrew" games created for the NES, but the app allows you to load ROMs for any...
Read Full Article229 comments
Provenance Emulator

PlayStation, GameCube, Wii, and SEGA Emulator for iPhone and Apple TV Coming to App Store

Friday April 19, 2024 8:29 am PDT by
The lead developer of the multi-emulator app Provenance has told iMore that his team is working towards releasing the app on the App Store, but he did not provide a timeframe. Provenance is a frontend for many existing emulators, and it would allow iPhone and Apple TV users to emulate games released for a wide variety of classic game consoles, including the original PlayStation, GameCube, Wii,...
Read Full Article106 comments