Aug 21, 2018

Belkin-made smart plug could compromise entire networks

Shannon Vavra

Kitchen appliances in a renovated house — Photo: John McDonnell/The Washington Post via Getty Images

A vulnerability in a Belkin-made smart electric plug (which can connect appliances to WiFi) could allow hackers to access an entire local network, according to McAfee’s Advanced Threat Research team.

The big picture: The Internet of Things can make some tasks more convenient — like turning on and off the lights without getting out of bed, or controlling kitchen appliances remotely. But the convenience can come at a price.

The details:

The product is Belkin's Wemo Insight Smart Plug.
The vulnerability allows attackers to execute remote code.
McAfee alerted Belkin of the vulnerability in May in compliance with its responsible disclosure policy.

Impact: If the plug is hacked and networked with other devices, hackers can break the network router's security and "create a backdoor channel for an attacker to connect remotely, unnoticed on the network," Doug McKee, a senior security researcher at McAfee, explained.

Example: If hackers targeted a Smart TV on the network, for instance, they could turn that TV on and off, and also install or uninstall applications or access online content, per McKee.

Update: A Wemo spokesperson told Axios the company has been working with McAfee to "address the exploit and plan to release firmware in the coming month."

Add Axios on Google

Belkin-made smart plug could compromise entire networks

What to read next