This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Top IoT Vulnerabilities"
From OWASP
Craig Smith (talk | contribs) (Created page with "= Top IoT Vulnerabilities = The top IoT vulnerabilities (DRAFT) are as follow: {| border="1" class="wikitable" style="text-align: left" ! Vulnerability ! Attack Surface ! Su...") |
Craig Smith (talk | contribs) |
||
Line 1: | Line 1: | ||
− | |||
− | |||
The top IoT vulnerabilities (DRAFT) are as follow: | The top IoT vulnerabilities (DRAFT) are as follow: | ||
Revision as of 03:05, 30 November 2015
The top IoT vulnerabilities (DRAFT) are as follow:
Vulnerability | Attack Surface | Summary |
---|---|---|
Username Enumeration |
|
|
Weak Passwords |
|
|
Account Lockout |
|
|
Unencrypted Services |
|
|
Two-factor Authentication |
|
|
Poorly Implemented Encryption |
|
|
Update Sent Without Encryption |
|
|
Update Location Writable |
|
|
Denial of Service |
|
|
Removal of Storage Media |
|
|
No Manual Update Mechanism |
|
|
Missing Update Mechanism |
|
|
Firmware Version Display and/or Last Update Date |
|
|