August was notified about the vulnerability in December last year.
What you need to know
- An unpatched security hole in the August Smart Lock Pro + Connect could allow hackers to gain full access to your Wi-Fi network.
- The team of security researchers at Bitdefender found that the exchange of Wi-Fi login credentials between the smart lock and your smartphone in setup mode isn’t protected.
- August says it is aware of the vulnerability and is working on resolving the issue.
The Internet of Things security team at Bitdefender has discovered a security hole in the August Smart Lock Pro + Connect, which makes it possible for hackers to gain full access to your home Wi-Fi network.
Like most other smart home security devices, the August Lock Pro + Connect requires a connection to your Wi-Fi network. Since the smart lock doesn’t support any input device, it uses a “common technique” to receive the Wi-Fi login credentials. Once you put the August Smart Lock Pro + Connect in setup mode, it acts as an access point. You then connect to the access point with your phone, and the app sends the login credentials to the smart lock.
Even though August encrypts the login credentials in the device’s firmware, it relies on a simple cipher called ROT-13 for the encryption. This makes it easy for hackers to steal the Wi-Fi network login credentials when the exchange takes place between the August Smart Lock Pro + Connect and your smartphone.
Bitdefender reportedly contacted August regarding the vulnerability last December. While August initially agreed for mutual disclosure to take place in June 2020, communications later broke down. After waiting for nearly eight months, Bitdefender finally opted to disclose the issue.
In a statement sent to PCWorld, an August representative said:
The August team is aware of the vulnerability and is currently working to resolve the issue. At this time, we are not aware of any customer accounts affected. The attacker must know precisely when the customer is setting up the Connect device. Once the Connect is fully set up, it is no longer vulnerable to this attack.
