"A Popular Smart Home Security System Can Be Remotely Disarmed, Researchers Say"

Researchers at the cybersecurity company Rapid7 discovered two vulnerabilities in Fortress S03, a popular smart home security system. Exploiting these vulnerabilities could allow malicious actors to disarm the system. Fortress S03 relies on Wi-Fi to connect cameras, motion sensors, and sirens to the Internet, allowing owners to monitor their home from anywhere using a mobile app. The system also uses a radio-controlled key fob that lets owners arm or disarm their home from outside.

The two vulnerabilities are an unauthenticated Application Programming Interface (API) and an unencrypted radio signal that can be easily intercepted by attackers. According to the Rapid7 researchers, the system's unauthenticated API can be queried remotely over the Internet without the server checking whether the request is legitimate. In addition, given the homeowner's email address, the server would return the device's unique IMEI, which could then be used to disarm the system remotely. The other vulnerability involves the unencrypted radio signals sent between the security system and the homeowner's key fob. Because the radio waves were not adequately scrambled, the researchers were able to capture and replay the signals for arming and disarming the system.

This article continues to discuss the discovery, potential impact, and disclosure of the vulnerabilities discovered in the Fortress S03, and Fortress' response to the researchers' findings.

TechCrunch reports "A Popular Smart Home Security System Can Be Remotely Disarmed, Researchers Say"

Submitted by Anonymous on