NETGEAR SMART SWITCHES POTENTIALLY HACKED
Patched already but highlights flaws in the IoT
CYBERSECURITY EXPERTS found three vulnerabilities in Netgear’s smart switches that could be exploited to take control of the devices. Discovered by security researcher Gynvael Coldwind, Netgear has plugged the vulnerabilities and urged users to apply patches immediately.
According to BleepingComputer, while most of the affected devices are smart switches, some of them include cloud management capabilities and can be monitored and configured over the internet. Although Netgear’s advisory note doesn’t include technical details, Coldwind has shared details about the attack vectors of two of the vulnerabilities and listed the scenarios in which affected devices can be exploited to hand over control to attackers.
Coldwind believes Netgear has been conservative in its severity score assessment. Netgear rated it as highly severe with a score of 8.8, but Coldwind believes it deserves 9.8. Exploiting the flaw requires that Netgear’s Smart Control Center (SCC) feature is active, which it isn’t by default.