According to cyber security researchers, a popular home security system can be disabled.
Rapid7 researchers discovered two flaws in the Fortress S03 home security system, which uses Wi-Fi to connect cameras, motion sensors, and sirens to the internet so that owners can monitor their homes remotely.
Rapid7 disclosed the details of the two vulnerabilities after not hearing from Fortress for more than three months, which is the industry’s standard window of time for security disclosures.
Rapid7 is confident it reached Fortress because its first support ticket was silently closed over a week after it was created, according to the timeline shared by the company.
Is anyone home?
According to the information provided by Rapid7, the Fortress S03 system relies on a radio-controlled key fob to arm and disarm the system.
Rapid7's researchers discovered that the signals from the key fob were unencrypted and could be intercepted. This allows them to capture and replay the “arm” and “disarm” signals.
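The replay weakness described above, next to one common mitigation (a per-press counter authenticated with an HMAC), as an added example that is not Fortress or Rapid7 code. The frame layout, key, command values and class names are constructed assumptions.

```python
import hashlib
import hmac
import struct

COMMANDS = {1: "arm", 2: "disarm"}  # constructed command values
TAG_LEN = 8                         # truncated HMAC-SHA256 tag (assumption)

def _tag(key, body):
    return hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class StaticCodeReceiver:  # flawed design: a button always sends the same frame
    def __init__(self, codes):
        self.codes = codes
    def receive(self, frame):
        return self.codes.get(frame)

class Fob:  # hardened fob: command + increasing counter + MAC over both
    def __init__(self, key):
        self.key, self.counter = key, 0
    def press(self, cmd):
        self.counter += 1
        body = struct.pack(">BI", cmd, self.counter)
        return body + _tag(self.key, body)

class RollingCodeReceiver:
    WINDOW = 16  # accept a few skipped counters (presses made out of range)
    def __init__(self, key):
        self.key, self.last = key, 0
    def receive(self, frame):
        body, tag = frame[:5], frame[5:]
        if len(body) != 5 or not hmac.compare_digest(tag, _tag(self.key, body)):
            return None  # malformed, forged or modified frame
        cmd, counter = struct.unpack(">BI", body)
        if not self.last < counter <= self.last + self.WINDOW:
            return None  # stale counter: this frame was seen before
        self.last = counter
        return COMMANDS.get(cmd)

def demo():
    static = StaticCodeReceiver({b"\xA5\x02": "disarm"})  # constructed frame
    key = b"constructed-demo-key"
    fob, panel = Fob(key), RollingCodeReceiver(key)
    frame = fob.press(2)
    return {
        "static_replay": [static.receive(b"\xA5\x02") for _ in range(2)],
        "rolling_first": panel.receive(frame),
        "rolling_replay": panel.receive(frame),
        "rolling_next": panel.receive(fob.press(1)),
    }
```

The static receiver accepts the same frame every time it is sent, while the counter-based receiver accepts it once and rejects the repeat.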
Rapid7 also discovered a second vulnerability in Fortress’ unauthenticated API, which may be queried remotely via the internet without the server verifying the request’s identity. The service only needs a homeowner’s email address to return the device’s unique IMEI code, which may be used to remotely deactivate the system.
Rapid7 claims to have brought the concerns to Fortress’ attention, but the corporation never responded to its messages, even after it opened a fresh ticket reiterating its intention to disclose the data.
While Fortress did not answer TechCrunch’s inquiries, an email from its law firm described Rapid7’s assertions as “false, purposefully deceptive, and defamatory,” without providing further information.