tags:iotfirmware original link: Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 2) newsletter link: exploits.club Weekly Newsletter 12
Exploits Club Summary:
A few weeks ago, we covered part 1 of this series, in which Aleph Security began analysis on a smart lock, taking a look at the Android app, firmware, BLE, and other potential attack vectors. In the follow up to that post, the team details a metric ton of vulnerabilities they identified during the next phase of their research. This ranges from things like protocol downgrade to âunauthenticated update leading to complete takeover.â The biggest takeaway? Donât put a Kontrol Lux Lock on your front doorâŠor any door for that matter.
backlinks: Say Friend and Enter - Digitally lockpicking an advanced smart lock