The smart home center Eufy Homebase 2 from hardware developer Anker Innovations is vulnerable and attackers could run malicious code.
Security researchers from Cisco Talos have found three security vulnerabilities and classify the threats in a post. A vulnerability (CVE-2022-21806) is considered “critical” and has the highest possible CVSS 3.0 score of 10 out of 10. According to a warning message, attackers could use specially prepared network packets and execute malicious code remotely.
Central point of attack
This can be dangerous because Eufy Homebase 2 is the central point in the smart home network for other devices from the manufacturer such as smart bells or surveillance cameras. As a result, the gap could be a gateway for attackers. The unit can also be integrated into Apple’s Homekit network.
Two other vulnerabilities (CVE-2022-26073, CVE-2022-25989) are associated with threat level “hoch“. After successful attacks, attackers could force devices to restart or bypass authentication.
The security researchers state that the developers are closing the gaps in the Version 126.96.36.199h have closed. They recommend a speedy installation.
Updated 06/17/2022 1:48 p.m
Reference to Apple’s Homekit built into the body text.
To home page
#Critical #gap #maximum #rating #smart #home #center #Anker #Eufy #Homebase