Discloses Vulnerability in XFINITY’s Home Security System

By   ISBuzz Team
Writer , Information Security Buzz | Jan 05, 2016 08:00 pm PST

With CES this week, the connected home and future of what our homes will look like will take centre stage. Analysts project that 10 billion devices will be connected to both home and increasingly government and enterprise networks in 2016.

[su_note note_color=”#ffffcc” text_color=”#00000″]Phil Bosco, Security Consultant at Rapid7 :

Phil and his team discovered that by causing a failure condition in the 2.4 GHz radio frequency band, the security system does not fail closed with an assumption that an attack is underway. Instead, the system fails open, and the security system continues to report that, “All sensors are in-tact and all doors are closed. No motion is detected.” Rapid7 has determined that there are any number of techniques that could be used to cause interference or de-authentication of the underlying ZigBee-based communications protocol, such as commodity radio jamming equipment and software-based de-authentication attacks on the ZigBee protocol itself.

There does not appear to be a limit to the duration of the failure in order to trigger a warning or other alert. In addition, when Bosco demonstrated the issue, he determined that the amount of time it takes for the sensor to re-establish communications with the base station and correctly report is in an open state can range from several minutes to up to three hours.

At this time, Rapid7 has determined that there are no practical mitigations to this issue. A software/firmware update appears to be required in order for the base station to determine how much and how long a radio failure condition should be tolerated and how quickly sensors can re-establish communications with the base station.[/su_note]

Additional information about this disclosure can be found HERE.

[su_box title=”About Rapid7″ style=”noise” box_color=”#336588″]rapid7Rapid7 security data and analytics software and services help organizations reduce the risk of a breach, detect and investigate attacks, and build effective IT security programs. With comprehensive real-time data collection, advanced correlation, and insight into attacker techniques, Rapid7 strengthens an organization’s ability to defend against everything from opportunistic drive-by attacks to advanced threats. Unlike traditional vulnerability management and incident detection technologies, Rapid7 provides visibility, monitoring, and insight across assets and users from the endpoint to the cloud. Dedicated to solving the toughest security challenges, Rapid7 offers proprietary capabilities to spot intruders leveraging today’s #1 attack vector: compromised credentials. Rapid7 is trusted by more than 3,700 organizations across 90 countries, including 30% of the Fortune 1000.[/su_box]