- A McAfee researcher discovered that these IoT-connected coffee machines had a poor security implementation.
- The vulnerability could have easily allowed brute force attacks on these devices.
Mr. Coffee, a popular coffee machine series, was found to have a security vulnerability in its machines.
Sam Quinn, a security researcher at McAfee, published a security report on these IoT-capable coffee machines. The Mr. Coffee coffee maker's communication with Wemo, a product suite for controlling electronics remotely, was found to have a poor security implementation.
What is the matter - When Quinn connected the coffee machine to the Wemo App, he found that the traffic between them lacked encryption and used the UPnP protocol.
The Wemo App schedules coffee brews on the machine at specific times. The coffee machine did not perform any validation checks on the brewing schedules.
The big picture
“Once disassembled, I saw there was a Wemo module connected to a larger PCB responsible for controlling the functions of the coffee maker. I then extracted the Wemo module from the coffee maker. This looked almost identical to the Wemo module that was in the Wemo Insight device.
After I obtained root access via the serial port on the Wemo device, I began to investigate the way in which the Wemo application is initiated from the underlying Linux Operating System. While looking through some of the most common Linux files and directories, I noticed something odd in the 'crontab' file,” wrote Quinn in his write-up.
Thus, instead of having a separate coffee brew scheduling function, the developers of the coffee machine used Linux crontabs for scheduling.
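The missing check described above, sketched as an added example (not code from Quinn's report or from Wemo's firmware): each schedule is validated field by field, and only validated integers plus a constant command are written into a crontab line. The schedule fields, the `BREW_COMMAND` path and the function names are hypothetical.

```python
# Added example: hypothetical schedule format and command path (not Wemo's).
BREW_COMMAND = "/usr/local/bin/brew-now"  # hypothetical fixed command, never taken from input
ALLOWED_KEYS = {"minute", "hour", "days"}


class ScheduleError(ValueError):
    """Raised when a brew schedule fails validation."""


def _int_in_range(value, low, high, name):
    # Accept real integers only: bool is an int subclass, and strings could
    # carry newlines or extra crontab fields.
    if type(value) is not int or not low <= value <= high:
        raise ScheduleError(f"{name} must be an integer in {low}..{high}")
    return value


def schedule_to_cron_line(schedule):
    """Validate one brew schedule and return a single crontab line."""
    if not isinstance(schedule, dict) or set(schedule) != ALLOWED_KEYS:
        raise ScheduleError("schedule must contain exactly minute, hour, days")
    minute = _int_in_range(schedule["minute"], 0, 59, "minute")
    hour = _int_in_range(schedule["hour"], 0, 23, "hour")
    days = schedule["days"]
    if not isinstance(days, list) or not days or len(days) > 7:
        raise ScheduleError("days must be a list of 1 to 7 weekdays")
    dow = sorted({_int_in_range(d, 0, 6, "day") for d in days})
    # Only validated integers and a constant command reach the crontab text.
    return f"{minute} {hour} * * {','.join(map(str, dow))} {BREW_COMMAND}"


def build_crontab(schedules, max_entries=16):
    """Return crontab text for the schedules; any invalid entry rejects the batch."""
    if len(schedules) > max_entries:
        raise ScheduleError("too many schedules")
    return "\n".join(schedule_to_cron_line(s) for s in schedules) + "\n"


# Constructed sample inputs.
GOOD = {"minute": 30, "hour": 6, "days": [1, 2, 3, 4, 5]}
BAD_FIELD = {"minute": 0, "hour": "7\n* * * * * /bin/example", "days": [1]}
BAD_EXTRA = {"minute": 0, "hour": 7, "days": [1], "command": "/bin/example"}
```

Rejecting the whole batch on one bad entry keeps a partially written crontab from ever reaching the scheduler.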
Quinn also attempted a reverse shell operation and discovered that attackers could easily perform brute force attacks and gain access to the coffee machine. However, this vulnerability only exists if the coffee machine is connected to the same network as the Wemo application.
What actions were taken - The security researcher informed Wemo of the vulnerability, and the company has patched it in its latest firmware update.