Belkin smart plug plagued by security flaw, with no fix in sight
The plug came out in 2019 and has a significant problem.
The Belkin Smart Plug Mini V2, a popular smart home device, has been found to contain a critical security vulnerability.
Despite growing concerns from customers and security professionals, Belkin has made it clear that they have no intention of resolving the issue.
This decision leaves users exposed to potential cyber threats and raises questions about the company’s commitment to consumer safety.
According to The Verge, a security research company, Sternum discovered the exploit.
Belkin was first notified of the problem in January 2023. It allows hackers to gain remote access to the smart plug, enabling them to control the device remotely.
Here’s how it works: By changing the device name to one with over 30 characters, a buffer overflow can be triggered, enabling the hacker to enter commands without requiring physical access.
To exploit the vulnerability, hackers must connect to the Wemo plug using a community-made Python app called PyWeMo.
After discovering a security issue, Sternum reported it to Mitre Corporation, a non-profit cybersecurity organization. Mitre then assigned the issue the identifier CVE-2023-27217.
So why isn’t Belkin fixing it?
The company says that the device isn’t officially supported. Speaking to 9to5Mac, the company told them the device is at the end of its life and will not be patched.”
So why would Belkin suddenly stop supporting this product? Because it is a recurring theme in tech, as companies only support products for a certain amount of time.
This is called EOL, which stands for “end of life.” Any time after that, it’s usually recommended that the product gets replaced by the customer with something newer.
The Verge recommends this exact solution for the Wemo Smart Plug Mini V2, and we couldn’t agree more: Replace it.
For anyone curious, Belkin Wemo is a line of smart home products that allows users to control parts of their home’s devices remotely. Think smart lightbulbs, smart appliances, and more.
So it’s safe to say that if you have any Wemo products installed in your home, remember that Wemo won’t issue quality-of-life updates if they ever fall victim to security threats.
- Chrome users: Update now; critical security update rolling out now
- iPhone users: Stop making this common security mistake
- Twitter data breach exposes millions of email addresses
- Plex users: Reset your password – a data breach has you at risk
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.