We sh*t you not; Smart toilet hacked
Posted by: Timothy Tibbetts on 08/05/2013 10:25 AM
Now you have seen it all. Trustwave has discovered that you can hack the Satis Smart Toilet.
The "My Satis" Android application has a hard-coded Bluetooth PIN of "0000" as can be seen in the following line of decompiled code from the application:
    BluetoothDevice localBluetoothDevice =
        BluetoothManager.getInstance().execPairing(paramString, "0000");
As such, any person using the "My Satis" application can control any Satis toilet. An attacker could simply download the "My Satis" application and use it to cause the toilet to repeatedly flush, raising the water usage and therefore utility cost to its owner.

Attackers could cause the unit to unexpectedly open/close the lid or activate bidet or air-dry functions, causing discomfort or distress to the user.
Apparently Satis doesn't give a sh*t (sorry, too easy) according to Trustwave's logs:
Vendor Response:
No response received.
Remediation Steps:
No patch currently exists for this issue.
Revision History:
06/14/13 - Attempt to contact vendor
07/10/13 - Attempt to contact vendor
07/12/13 - Attempt to contact vendor
08/01/13 - Advisory published
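
For anyone auditing their own Android app for the same flaw, here is a small static check over decompiled Java source. It is an added example, not code from Trustwave or the vendor. It flags pairing calls that receive a fixed numeric PIN, either as a literal or through a simple String constant. It assumes `execPairing` is the app's own wrapper as quoted above and also checks Android's `BluetoothDevice.setPin`; the sample source is constructed.

```python
import re

# Calls that take a Bluetooth PIN: execPairing is the wrapper quoted in the post,
# setPin is Android's BluetoothDevice.setPin(byte[]).
PAIRING_CALL_RE = re.compile(r'\b(execPairing|setPin)\s*\(')
DIGIT_LITERAL_RE = re.compile(r'"(\d{1,16})"')        # legacy PINs are 1-16 characters
STRING_CONST_RE = re.compile(r'\bString\s+(\w+)\s*=\s*"(\d{1,16})"\s*;')
ANY_STRING_RE = re.compile(r'"[^"]*"')
IDENT_RE = re.compile(r'\b[A-Za-z_]\w*\b')


def find_hardcoded_pins(java_source):
    """Return [(line_no, call_name, pin)] for pairing calls fed a fixed numeric PIN."""
    # Numeric String constants declared anywhere in the file, e.g. DEFAULT_PIN = "1234".
    constants = dict(STRING_CONST_RE.findall(java_source))
    findings = []
    for m in PAIRING_CALL_RE.finditer(java_source):
        # Treat everything up to the end of the statement as the argument text.
        end = java_source.find(";", m.end())
        args = java_source[m.end(): end if end != -1 else len(java_source)]
        line_no = java_source.count("\n", 0, m.start()) + 1
        pins = DIGIT_LITERAL_RE.findall(args)
        # Identifiers in the arguments that resolve to a numeric constant.
        names = IDENT_RE.findall(ANY_STRING_RE.sub("", args))
        pins += [constants[n] for n in names if n in constants]
        findings.extend((line_no, m.group(1), pin) for pin in pins)
    return findings


# Constructed sample: the quoted call, a constant-fed call, and a user-supplied PIN.
SAMPLE = '''\
class Pairing {
    static final String DEFAULT_PIN = "1234";
    void a(String paramString) {
        BluetoothDevice localBluetoothDevice =
            BluetoothManager.getInstance().execPairing(paramString, "0000");
    }
    void b(BluetoothDevice d) { d.setPin(DEFAULT_PIN.getBytes()); }
    void c(BluetoothDevice d, String userPin) { d.setPin(userPin.getBytes()); }
}
'''

if __name__ == "__main__":
    for line_no, call, pin in find_hardcoded_pins(SAMPLE):
        print(f"line {line_no}: {call}() uses fixed PIN {pin!r}")
```

A hit means every unit shares the same pairing secret; the fix is a per-device PIN or a pairing mode that requires user confirmation on the device itself.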