Check Point cyber defense investigators have identified serious security weaknesses in the Philips “smart bulbs” protocol.
The weaknesses made it possible to damage businesses, authorities and even homes that use these bulbs, by remotely controlling the bulbs and exploiting the fact that they are connected on one side to the radio network and on the other to the computer network.
The weaknesses found illustrate the dangers that exist in Internet of Things (IoT) products that are designed to connect to the Internet but, in most cases, lack adequate protection.
The research focused on the Philips Hue smart bulbs, the global market leader in the field. The weaknesses (CVE-2020-6007) center on the ZigBee protocol, a wireless protocol used to control the bulbs and found in a broad spectrum of IoT products.
Check Point investigators, assisted by the Check Point Institute for Information Security at Tel Aviv University (CPIIS), attacked the controller (Philips Hue Bridge), which manages the bulbs and is connected to both the radio network and the home / corporate computer network. The attack process demonstrated by the researchers begins, in the first stage, with taking over a light bulb and changing its color and lighting intensity, with the aim of making the consumer think there is a problem with the bulb’s performance.
At this point, the bulb appears as “unavailable” in the control app, so the consumer will attempt to reset it by deleting the bulb from the app and starting a search operation to locate the bulb and reinstall it. At this stage, the researchers exploited a weakness in the controller's handling of the bulb control protocol in order to gain control of the controller itself and access to the network connected to it. In this way, an attacker can deliver the desired damage through the bulb to the controller that controls it and on to the computer network to which the controller is connected.
Philips and Signify (the Philips Hue brand) have confirmed the weaknesses and have automatically updated their software (Firmware 1935144040). Check Point recommends that all users make sure that their product is up to date with the latest bulb management apps.
Yaniv Belmes, Director of Check Point’s Cyber Research Department: “The dangers inherent in IoT products have been talked about for a number of years and our research demonstrates just how real the risks are when it comes to ‘simple’ bulb products, as these products are connected to a central network that is at risk for lack of security. Organizations and consumers who use such products must make sure that the products are up to date with the most up-to-date security update and check exactly which networks these products are connected to. In the current reality of fifth-generation threats, any product that connects to the network can be used to attack the network.”
George Yianni, Director of Technology at Philips Hue, said: “We are committed to maintaining the privacy of our users and doing everything we can to make sure the products are safe. We thank Check Point for sharing the findings that allow us to install appropriate security updates to avoid consumer risk.”