Your Bosch smart thermostat can be hacked and used by threat actors for a wide variety of malicious activities, researchers have warned.
Cybersecurity experts from Bitdefender have published a new report in which they detailed discovering a vulnerability in the Bosch BCC100 thermostat for versions SW 1.7.0 – HD 4.13.22. In the report, they said that the device has two microcontrollers, one that provides WiFi functionality, and one that provides the thermostat’s main function. The one with the WiFi functionality listens to TCP port 8899 on LAN and mirrors any message received on that port directly to the main microcontroller, through the UART data bus.
“This means that, if formatted correctly, the microcontroller can’t distinguish malicious messages from genuine ones sent by the cloud server,” the researchers explained. “This allows an attacker to send commands to the thermostat, including writing a malicious update to the device.”
Defending a smart home
By overwriting the device’s firmware with a malicious one built by the hackers, the thermostat can be used for different purposes, from listening to the communication going through the device, to stealing login credentials, to moving to other devices, and more.
Smart home devices, while offering plenty of convenience, are also a major risk factor, experts are saying. In order to protect the home from prying eyes, homeowners should, first and foremost, “closely monitor IoT devices and isolate them as completely as possible from the local network,” they said.
“This can be done by setting up a dedicated network exclusively for IoT devices.”
Furthermore, homeowners can use cybersecurity solutions built for the smart home, to scan for connected devices, identify and highlight potentially vulnerable ones. “IoT device owners should also check for newer firmware and update devices as soon as the vendor releases new versions,” Bitdefender concludes.