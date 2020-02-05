A Philips Hue vulnerability enables a hacker to take control of individual lamps, turn them on or off at will, and change both color and brightness. This can be done remotely using a laptop with a radio transmitter. You can watch a demonstration video below.

While this risk remains, the company has blocked an escalation vulnerability that previously allowed the attacker to compromise the Hue bridge and, from there, the rest of the network, including all connected PCs.

The vulnerability was discovered in the Zigbee communication protocol used by Philips Hue lamps and other smart home devices. Zigbee is also used by Amazon Echo Plus, Samsung SmartThings, Belkin WeMo, Hive Active Heating and accessories, intelligent Yale locks, Honeywell thermostats, Bosch Security Systems, Ikea Tradfri, Samsung Comcast Xfinity Box etc.

Check Point security researchers have found a way to escalate the attack from the control of a single light bulb to take over the entire network. The escalation works as follows:

The attacker was using the original vulnerability to gain control of a light bulb

The user sees a random behavior and is also unable to control the light bulb himself

The obvious troubleshooting step is to put the light bulb out and look for it again and add it again

By adding it again, malware in Bulb has access to the Hue Bridge

From there it can also spread to connected PCs

As soon as the attacker has access to a connected PC, he can install key loggers and ransomware, for example.

Of course, Check Point was responsible for this and passed on its findings to Signify, the owner of the Philips Hue brand. A patch is now available. Users are advised to check the Hue app to determine if updates are available and to install them if necessary.

Note that the original vulnerability that could control individual light bulbs could not be resolved as this would result in the light bulbs themselves being replaced. However, installing the update ensures that it cannot be transferred to other devices on your network.

According to Check Point, it is particularly important for companies with Hue bulbs to protect themselves.

“Many of us are aware that IoT devices can pose a security risk, but this investigation shows that even the most mundane, seemingly” stupid “devices, such as light bulbs, can be exploited by hackers to take over networks or system malware.” said Yaniv Balmas, head of cyber research at Check Point Research. “It is important that businesses and individuals protect themselves from these possible attacks by updating their devices with the latest patches and separating them from other computers on their networks to limit the possible spread of malware.” In today’s complex cyber attack landscape, we cannot afford to overlook the security of everything connected to our networks. “

Philips Hue thanked Check Point for the responsible disclosure.

You can watch the video demo below.

https://www.youtube.com/watch?v=4CWU0DA__bY [/ embed]

