News and Announcements

Showing results for 
Search instead for 
Do you mean 
Reply
Community Manager
Posts: 558
Registered: ‎05-27-2014

An update regarding the November 2nd Forbes.com Article on Wemo security

This note is in regards to the Forbes.com article discussing Wemo security posted on November 2nd, 2016.  We have posted about this topic previously on our communities here.

 

Wemo is aware of the recent security vulnerabilities reported by the team at Invincea labs and has issued fixes to address and correct them. The Android app vulnerability was fixed with the release of version 1.15.2 back in August, and the firmware fix (versions 10884 and 10885) for the SQL injection vulnerability went live on November 1st.

 

We want to reassure Wemo users that their devices remain safe to use as, even before the fixes were issued, both vulnerabilities required an attempted hacker to be physically present and connected to the same local area network as the Wemo devices, and were not remotely exploitable.  We, as always, will continue to work with security researchers to address any security issues that are identified.