Newsletter
It is no surprise that smart home devices have revolutionized how we live, offering a great sense of convenience and making our lives easier by always being connected to the internet. However, this convenience also makes them a target for hackers as they can exploit vulnerabilities in these devices, potentially compromising our privacy and security. Recently, security researcher Sam Sabetan discovered a security flaw in the Nexx smart garage door openers that could allow hackers to remotely control the device and potentially access the garage.
According to Sabetan, this security flaw is a significant concern for homeowners, as it can compromise the security and privacy of their homes by allowing third parties to control the devices remotely, using an email address, device ID, or first name and last initial. Although the true scope of this issue is still unclear, Sabetan believes that it could potentially impact over 40,000 devices and around 20,000 users.
“Within just an hour, I managed to gain control over garages belonging to any Nexx customer. Intrigued, I delved deeper into Nexx’s Smart Plugs and Alarms and found that there’s a widespread systemic security issue within the entire Nexx ecosystem,” says Sabetan.
Nexx’s response to the vulnerability
Sabetan claims that he reached out to Nexx about the security flaw in January, but the company failed to acknowledge any of his attempts to contact them regarding the vulnerability. As a result, Sabetan took to the internet to demonstrate in a proof-of-concept video, showing that he could control his device as well as over 500 others.
If you are a Nexx user, it is crucial to take immediate action to protect your home. Firstly, disconnect the Nexx smart garage door controller and any other Nexx smart home products you have. Secondly, change your passwords and set up two-factor authentication if you haven’t already. Lastly, keep track of which devices are using the internet and limit access to your Wi-Fi network to only trusted devices.