News and Announcements

Showing results for 
Search instead for 
Do you mean 
Reply
Community Manager
Posts: 558
Registered: ‎05-27-2014

Regarding the September 2016 SECOT Conference IoT Security Talk and Wemo

[ Edited ]

Wemo is aware of the recent security vulnerabilities reported by Scott Tenaglia at Invincea labs and has been working closely with their team to address and correct them.

 

The good news: the Android app vulnerability was fixed with the release of version 1.15.2 back in August.

The less good news: the firmware fix for the SQL injection vulnerability is still in the works and will be included in our next release, slated for October.

 

We want to reassure Wemo users that their devices remain safe to use as the vulnerability requires an attempted hacker to be physically present and connected to the same local area network as the Wemo devices. Nevertheless, we are working diligently to fix the issue and will continue to work with security researchers to ensure that Wemo is as secure as possible.

 

Regards,

Wemo Team