Your Bosch smart thermostat might not be as clever as you thought – this security flaw could let hackers install malicious updates and more, so patch now

0
14

Your Bosch smart thermostat can be hacked and used by threat actors for a wide variety of malicious activities, researchers have warned.

Cybersecurity experts from Bitdefender have published a new report in which they detailed discovering a vulnerability in the Bosch BCC100 thermostat for versions SW 1.7.0 – HD 4.13.22. In the report, they said that the device has two microcontrollers, one that provides Wi-Fi functionality, and one that provides the thermostat’s main function. The one with the Wi-Fi functionality listens to TCP port 8899 on LAN and mirrors any message received on that port directly to the main microcontroller, through the UART data bus.

LEAVE A REPLY

Please enter your comment!
Please enter your name here