Security experts at cybersecurity company Rapid7 have highlighted a few flaws that can be threat actors can exploit to remotely deactivate one of the home security systems offered by Fortress Security Store, a US-based physical solutions provider.
The company claims its products are used by thousands of consumers and companies.
The vulnerabilities were discovered in Fortress’ S03 WiFi Security System, which connects to a current Wi-Fi network or phone line.
Rapid7 researchers revealed that the product is impacted by two vulnerabilities that can be exploited remotely.
One of them, tracked as CVE-2021-39276, has been labeled as an unauthenticated API access issue. A hacker who knows the targeted user’s email address can use the email address to interrogate the API and get the security system’s related IMEI number. Once they have attained the IMEI, the hacker can send unauthenticated POST requests to make changes to the system, including to neutralize it.
The second flaw, tracked as CVE-2021-39277, can be abused to launch a radio frequency (RF) signal replay attack. Because of the fact that communications between different components of the home security system are not appropriately safeguarded, a hacker can seize various commands — such as arm or disarm — using a software-defined radio device, and then rerun those commands later.