A new high-severity vulnerability affecting Philips Hue smart light bulbs has been discovered; it could be exploited from as far as 100 meters away to gain entry into a targeted WiFi network.
This vulnerability was revealed by security researchers at Check Point and is tracked as CVE-2020-6007. The flaw resides in the way Philips implemented the Zigbee communication protocol in its smart light bulb, which leads to a heap-based buffer overflow.
ZigBee is a widely used wireless technology designed to allow each device to communicate with any other device on the network. The protocol is used in millions of devices across the globe, including Amazon Echo, Samsung SmartThings, Belkin WeMo, etc.
Check Point researchers stated that by exploiting this flaw, an attacker can invade a home or office’s computer network over the air to spread ransomware or spyware, using just a laptop and an antenna from over 100 meters away.
The buffer overflow occurs in a component called the “bridge”, which accepts remote commands sent to the bulb over the Zigbee protocol from other devices such as a mobile app or the Alexa home assistant.
How the Philips Smart Bulb Vulnerability Works
The researchers have chosen not to reveal the complete technical details of the flaw for now, so that affected users have enough time to apply patches.
But they shared a video demonstrating the attack.
According to the researchers, the attack scenario includes:
- The attacker exploits a previously discovered bug and takes control over the smart bulb.
- The device becomes ‘Unreachable’ in the user’s control app, tricking the user into resetting the bulb and then instructing the control bridge to re-discover it.
- Now the bridge discovers the hacker-controlled bulb with updated firmware, and the user adds it back to their network.
- The hacker exploits the ZigBee protocol vulnerabilities to trigger a heap-based buffer overflow on the control bridge, permitting him to install malware on the bridge which is connected to the targeted network.
- The hacker uses the malware to infiltrate the network, putting millions of other devices connected to the same network at risk of remote hacking.
Yaniv Balmas, Head of Cyber Research at Check Point Research states that most of us are aware of the security risks associated with the IoT devices. But it is clear from this research that even the most common devices like a lightbulb can also be exploited by hackers and used to take control over networks, or insert malware.
Check Point reported these vulnerabilities to Philips and Signify, owner of the Philips Hue brand, in November 2019, and a patched firmware update for the device was released last month.
It is obvious that users are now protecting themselves against any possible attacks by updating their devices with the latest patches and separating them from other devices on their networks, to prevent the spread of malware.
Affected users who have not enabled the automatic firmware update download feature are advised to install the patches manually.