Posted on April 5, 2023 at 4:58 PM
Nexx fails to issue a patch to security flaws on smart home devices
Hackers can gain unauthorized access to a certain brand of smart garage door opener controllers. By exploiting a security flaw in Nexx devices, they can open these doors from any location in the world. The Nexx brand had previously been notified of the vulnerabilities but failed to issue a patch.
Hackers can open smart garage doors globally
The vulnerabilities in question put users of the Nexx brand at risk of exploitation. Nexx is a platform that provides Wi-Fi enabled garage door opener controllers and a wide range of other products.
The security researcher who detected the flaw noted that he had alerted Nexx, but the company failed to issue a patch. The researcher said that Nexx did not respond to his attempts to report the flaw responsibly for several months.
The security researcher who detected the flaw is Sam Sabetan, who said it is remotely exploitable from anywhere in the world. Nexx is a company that offers a wide range of products, among them garage door controllers. The company’s garage controller connects to an existing garage door opener, which can then be activated remotely using a smartphone app.
The company’s website assured users of safety, saying, “Life is complicated enough. Remembering whether or not you left your garage door open should be the least of your worries: Get peace of mind.” However, it appears that these assurances are not enough, given the flaws detected by researchers.
Sabetan created a video proof-of-concept demonstrating that the flaw is real. In the video, the researcher opens his garage door using the Nexx app. He then signs into a tool to access the messages that the Nexx device has sent. Afterward, he closes the garage door using the app and accesses the data the device transmits to the Nexx server.
Through this, Sabetan obtains information about his own device. He also accessed messages sent to 558 other devices that did not belong to him. The information obtained includes email addresses, device IDs, and the name attached to each device.
Sabetan then sends a command back to the garage using the software rather than the app, which reopens the garage door. Sabetan tested the flaw only on his own garage door, but if it were exploited in the wild, it could be used to access many garage doors.
He added that this was one of the most severe of the flaws because it could also disable the alarm and control the smart plug. In other words, the flaws also allow hackers to control another Nexx product, one that lets users switch power outlets within their homes.
The effects are far-reaching if a hacker weaponizes these vulnerabilities. Nexx products are geared towards safety, and the security flaws threaten Nexx customers.
A hacker can easily open Nexx doors at random anywhere in the world, leaving the affected garages exposed and the homes behind them vulnerable to burglars. In extreme cases, threat actors could use the bug against a home that relies on the Nexx security system in order to gain entry.
Nexx fails to issue a patch
Security researchers usually inform companies about security flaws before disclosing them to the public. This allows the company to deploy a patch before the flaw can be exploited. However, Nexx has shown no willingness to resolve the issue.
Sabetan said that he repeatedly contacted Nexx about the issue to no avail. The researcher also said that the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) attempted to contact Nexx.
Nexx has not responded to the alerts or fixed the issues, and the security vulnerabilities remain exploitable by hackers. CISA also issued a security advisory on the flaws. Nexx appears to be ignoring every inquiry warning the company about the vulnerabilities.
The CISA advisory said, “Nexx has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of the affected product are encouraged to contact Nexx support for additional information. CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability.”
Sabetan noted that he sent several messages to the Nexx support team warning the company of the security issue. After being ignored, he sent another message to the support team seeking help with his own product, and that inquiry was answered. He then urged support to address the security flaw, again to no avail.