KeyWe Smart Lock Vulnerabilities — Commentary

This morning, Finnish security company F-Secure disclosed a number of vulnerabilities in the KeyWe Smart Lock, which is marketed as the “smartest lock ever” and advertised for unlocking doors through a mobile app. Security researchers discovered that cyberattackers could intercept network traffic between a user’s mobile app and the smart lock itself, ultimately gaining access to the keys to one’s home.

Grant McCracken, Director, Solutions Architecture,  Bugcrowd
December 12, 2019
As with any cloud-connected device, it’s almost a complete certainty that there will need to be critical updates.
While we don’t have all the details, the fact that anything could be sniffed in regards to this device is a pretty egregious oversight on the part of the lock makers. Given the relatively low cost of exploitation, it’s fairly safe to assume that with proper incentives and direction, security researchers would likely have easily been able to identify this in the wild, had it been subjected to t ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments

In this article