Wednesday, 26 August 2015

Samsung Smart Refrigerator Vulnerable To MITM Attack

Researchers have discovered a vulnerability in a smart refrigerator from Samsung could allow an attacker located between the user and the Internet, also known as a Man-in-the-Middle (MITM) attack, Google can intercept passwords.

The Samsung RF28HMELBSR is a smart refrigerator with screen and internet connection. The refrigerator will connect to a Google Calendar account to the calendar data on the display and can be operated via an app. The connection to Google's servers is SSL, but the refrigerator check the validity of the SSL certificate does not offer.

This allows an attacker to steal located between the user and the Internet is via a fraudulent SSL certificate to decrypt the encrypted traffic and so the user's credentials. That allowed the researchers of the British Pen Test Partners recently shown at the Def Con conference in Las Vegas. As far as is known, Samsung still no patch for the fridge.

No comments:

Post a Comment