Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Vulnerability found in older Bosch smart home thermostats

Smart homes mean convenience and even energy conservation, with maybe some hacking on the side.

user icon David Hollingworth
Mon, 15 Jan 2024
Vulnerability found in older Bosch smart home thermostats
expand image

Researchers from Bitdefender have discovered a dangerous vulnerability in a popular smart home thermostat.

The vulnerability affects Bosch BCC100 thermostats and can lead to the device’s firmware being replaced with a “rogue version”.

The issue is how the thermostat’s two microcontrollers talk to each other and the wider network. One controller handles Wi-Fi connectivity, while the other is effectively the “brains” of the device. The networking controller is designed to communicate with the internet and pass data between the main controller and connected servers.

============
============

However, the networking controller also listens to port 8899 on the local network. According to Bitdefender, this could lead to malicious activity.

“This means that, if formatted correctly, the microcontroller can’t distinguish malicious messages from genuine ones sent by the cloud server,” Bitdefender said in a statement. “This allows an attacker to send commands to the thermostat, including writing a malicious update to the device.”

Because the thermostat’s communications with Bosch’s servers are “unmasked,” they are also easy to imitate. A properly configured “device/update” command could lead to a forged response that, in turn, leaves the thermostat completely compromised. By thinking it is upgrading itself to the latest firmware, the thermostat is instead upgrading itself using malicious code.

The Bosch BCC100 thermostat is no longer widely available, but it was popular on release back in 2018. Bitdefender recommends setting up a secure, dedicated network for all smart home devices.

“Home users should closely monitor IoT devices and isolate them as completely as possible from the local network,” Bitdefender said. “This can be done by setting up a dedicated network exclusively for IoT devices.”

You can learn about the vulnerability – CVE-2023-49722 – here.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.