April 22, 2020 By Tara Seals
Users should update their firmware for three popular smart-home hubs.
Three different connected home hubs – Fibaro Home Center Lite, Homematic Central Control Unit (CCU2) and Elko’s eLAN-RF-003 – are vulnerable in their older versions to serious bugs that would allow information disclosure, man-in-the-middle (MiTM) attacks and unauthenticated remote code execution (RCE), according to researchers.
Home hubs are used to connect a range of smart devices (including appliances, IP cameras, smart thermostat and doorbell gadgets, connected TVs, Google Home and Amazon Alexa offerings, plus laptops, phones and the like). Researchers at ESET pointed out in Tuesday research that an attacker that compromises one of these could in theory gain full access to all of the peripheral devices connected to it – a scenario that could also impact businesses given that more people are working from home.