Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-plugin-hostgator domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ol-scrapes domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893
{"id":35309,"date":"2023-06-16T21:47:06","date_gmt":"2023-06-16T21:47:06","guid":{"rendered":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/"},"modified":"2023-06-16T21:47:07","modified_gmt":"2023-06-16T21:47:07","slug":"a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems","status":"publish","type":"post","link":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/","title":{"rendered":"A simple bug exposed access to thousands of smart security alarm systems"},"content":{"rendered":"

Source:https:\/\/techcrunch.com\/2023\/06\/16\/eaton-secureconnect-security-alarm-vulnerability\/<\/a><\/br>
\nA simple bug exposed access to thousands of smart security alarm systems<\/br>
\n2023-06-16 21:47:06<\/br><\/p>\n

\n

U.S. power and electronics giant Eaton has fixed a security vulnerability that allowed a security researcher to remotely access thousands of smart security alarm systems.<\/p>\n

Security researcher Vangelis Stykas<\/a> said he found the vulnerability in Eaton\u2019s SecureConnect<\/a>, a cloud-based system that allows customers to remotely access, manage, and arm and disarm their security alarm systems from a phone app.<\/p>\n

Stykas said the vulnerability allowed anyone to sign up as a new user and assign that account to any other group of users, including a \u201croot\u201d group, which has access to all of the smart alarm systems connected to Eaton\u2019s cloud.<\/p>\n

The vulnerability is known as an insecure direct object reference, or IDOR, a class of security bug that allows unchecked access to files, data, or user accounts because of weak or lacking access controls on a server. Stykas said the bug was easy to exploit using man-in-the-middle tools like Burp Suite by intercepting the new user\u2019s group number and swapping it with the number of the root group, which was simply \u201c1\u201d.<\/p>\n

Stykas said adding a user to the root group \u201cgave access to everything,\u201d including the registered user\u2019s name and email address, and the location of every connected security alarm system. Stykas said that the access could have allowed a potential attacker to remotely control security alarm systems connected to Eaton\u2019s cloud \u2014 though he did not attempt this.<\/p>\n

In a security notification<\/a> published to its website, Eaton confirmed the bug was discovered in its group access authorization logic.<\/p>\n

Jonathan Hart, a spokesperson for Eaton, said the vulnerability was fixed in May. Hart declined to say how many smart alarm customers it has, though Stykas said the number of Eaton connected smart alarm systems was in the high tens of thousands.<\/p>\n

Eaton declined to say if the vulnerability allowed the remote control of connected security alarm systems. Eaton said the vulnerability was \u201cverified to be a single event,\u201d but did not say how it came to this conclusion or if the company has the technical means, such as logging systems, to determine if the vulnerability was previously discovered or exploited.<\/p>\n<\/p><\/div>\n

<\/br><\/br><\/br><\/p>\n

Science, Tech, Technology<\/br>
\n<\/br>
\nSource:https:\/\/techcrunch.com\/2023\/06\/16\/eaton-secureconnect-security-alarm-vulnerability\/<\/a><\/br><\/br><\/p>\n","protected":false},"excerpt":{"rendered":"

Source:https:\/\/techcrunch.com\/2023\/06\/16\/eaton-secureconnect-security-alarm-vulnerability\/ A simple bug exposed access to thousands of smart security alarm systems 2023-06-16 21:47:06 U.S. power and electronics giant Eaton has fixed a security vulnerability that allowed a security researcher to remotely access thousands of smart security alarm systems. Security researcher Vangelis Stykas said he found the vulnerability in Eaton\u2019s SecureConnect, a cloud-based system […]<\/p>\n","protected":false},"author":1,"featured_media":35310,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","om_disable_all_campaigns":false,"pagelayer_contact_templates":[],"_pagelayer_content":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[26,17,8],"tags":[],"class_list":["post-35309","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-science","category-tech","category-technology"],"yoast_head":"\nA simple bug exposed access to thousands of smart security alarm systems - Science and Nerds<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"A simple bug exposed access to thousands of smart security alarm systems - Science and Nerds\" \/>\n<meta property=\"og:description\" content=\"Source:https:\/\/techcrunch.com\/2023\/06\/16\/eaton-secureconnect-security-alarm-vulnerability\/ A simple bug exposed access to thousands of smart security alarm systems 2023-06-16 21:47:06 U.S. power and electronics giant Eaton has fixed a security vulnerability that allowed a security researcher to remotely access thousands of smart security alarm systems. Security researcher Vangelis Stykas said he found the vulnerability in Eaton\u2019s SecureConnect, a cloud-based system […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/\" \/>\n<meta property=\"og:site_name\" content=\"Science and Nerds\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-16T21:47:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-16T21:47:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/scienceandnerds.com\/wp-content\/uploads\/2023\/06\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems_648cd85ab8ca0.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/\",\"url\":\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/\",\"name\":\"A simple bug exposed access to thousands of smart security alarm systems - Science and Nerds\",\"isPartOf\":{\"@id\":\"https:\/\/scienceandnerds.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2023\/06\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems_648cd85ab8ca0.jpeg?fit=600%2C400&ssl=1\",\"datePublished\":\"2023-06-16T21:47:06+00:00\",\"dateModified\":\"2023-06-16T21:47:07+00:00\",\"author\":{\"@id\":\"https:\/\/scienceandnerds.com\/#\/schema\/person\/ea2991abeb2b9ab04b32790dff28360e\"},\"breadcrumb\":{\"@id\":\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#primaryimage\",\"url\":\"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2023\/06\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems_648cd85ab8ca0.jpeg?fit=600%2C400&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2023\/06\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems_648cd85ab8ca0.jpeg?fit=600%2C400&ssl=1\",\"width\":600,\"height\":400},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/scienceandnerds.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"A simple bug exposed access to thousands of smart security alarm systems\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/scienceandnerds.com\/#website\",\"url\":\"https:\/\/scienceandnerds.com\/\",\"name\":\"Science and Nerds\",\"description\":\"My WordPress Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/scienceandnerds.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/scienceandnerds.com\/#\/schema\/person\/ea2991abeb2b9ab04b32790dff28360e\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/scienceandnerds.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7e6e14fc6691445ef2b2c0a3a6c43882?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7e6e14fc6691445ef2b2c0a3a6c43882?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/scienceandnerds.com\"],\"url\":\"https:\/\/scienceandnerds.com\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"A simple bug exposed access to thousands of smart security alarm systems - Science and Nerds","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/","og_locale":"en_US","og_type":"article","og_title":"A simple bug exposed access to thousands of smart security alarm systems - Science and Nerds","og_description":"Source:https:\/\/techcrunch.com\/2023\/06\/16\/eaton-secureconnect-security-alarm-vulnerability\/ A simple bug exposed access to thousands of smart security alarm systems 2023-06-16 21:47:06 U.S. power and electronics giant Eaton has fixed a security vulnerability that allowed a security researcher to remotely access thousands of smart security alarm systems. Security researcher Vangelis Stykas said he found the vulnerability in Eaton\u2019s SecureConnect, a cloud-based system […]","og_url":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/","og_site_name":"Science and Nerds","article_published_time":"2023-06-16T21:47:06+00:00","article_modified_time":"2023-06-16T21:47:07+00:00","og_image":[{"width":600,"height":400,"url":"https:\/\/scienceandnerds.com\/wp-content\/uploads\/2023\/06\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems_648cd85ab8ca0.jpeg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/","url":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/","name":"A simple bug exposed access to thousands of smart security alarm systems - Science and Nerds","isPartOf":{"@id":"https:\/\/scienceandnerds.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#primaryimage"},"image":{"@id":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2023\/06\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems_648cd85ab8ca0.jpeg?fit=600%2C400&ssl=1","datePublished":"2023-06-16T21:47:06+00:00","dateModified":"2023-06-16T21:47:07+00:00","author":{"@id":"https:\/\/scienceandnerds.com\/#\/schema\/person\/ea2991abeb2b9ab04b32790dff28360e"},"breadcrumb":{"@id":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#primaryimage","url":"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2023\/06\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems_648cd85ab8ca0.jpeg?fit=600%2C400&ssl=1","contentUrl":"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2023\/06\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems_648cd85ab8ca0.jpeg?fit=600%2C400&ssl=1","width":600,"height":400},{"@type":"BreadcrumbList","@id":"https:\/\/scienceandnerds.com\/2023\/06\/16\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/scienceandnerds.com\/"},{"@type":"ListItem","position":2,"name":"A simple bug exposed access to thousands of smart security alarm systems"}]},{"@type":"WebSite","@id":"https:\/\/scienceandnerds.com\/#website","url":"https:\/\/scienceandnerds.com\/","name":"Science and Nerds","description":"My WordPress Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/scienceandnerds.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/scienceandnerds.com\/#\/schema\/person\/ea2991abeb2b9ab04b32790dff28360e","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/scienceandnerds.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7e6e14fc6691445ef2b2c0a3a6c43882?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7e6e14fc6691445ef2b2c0a3a6c43882?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/scienceandnerds.com"],"url":"https:\/\/scienceandnerds.com\/author\/admin\/"}]}},"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2023\/06\/a-simple-bug-exposed-access-to-thousands-of-smart-security-alarm-systems_648cd85ab8ca0.jpeg?fit=600%2C400&ssl=1","_links":{"self":[{"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/posts\/35309","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/comments?post=35309"}],"version-history":[{"count":1,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/posts\/35309\/revisions"}],"predecessor-version":[{"id":35311,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/posts\/35309\/revisions\/35311"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/media\/35310"}],"wp:attachment":[{"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/media?parent=35309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/categories?post=35309"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/tags?post=35309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}