The top IoT vulnerabilities (DRAFT) are as follow:
Vulnerability
|
Attack Surface
|
Summary
|
Username Enumeration
|
- Administrative Interface
- Device Web Interface
- Cloud Interface
- Mobile Application
|
- Ability to collect a set of valid usernames by interacting with the authentication mechanism
|
Weak Passwords
|
- Administrative Interface
- Device Web Interface
- Cloud Interface
- Mobile Application
|
- Ability to set account passwords to '1234' or '123456' for example.
|
Account Lockout
|
- Administrative Interface
- Device Web Interface
- Cloud Interface
- Mobile Application
|
- Ability to continue sending authentication attempts after 3 - 5 failed login attempts
|
Unencrypted Services
|
|
- Network services are not properly encrypted to prevent eavesdropping by attackers
|
Two-factor Authentication
|
- Administrative Interface
- Cloud Web Interface
- Mobile Application
|
- Lack of two-factor authentication mechanisms such as a security token or fingerprint scanner
|
Poorly Implemented Encryption
|
|
- Encryption is implemented however it is improperly configured or is not being properly updated, e.g. using SSL v2
|
Update Sent Without Encryption
|
|
- Updates are transmitted over the network without using TLS or encrypting the update file itself
|
Update Location Writable
|
|
- Storage location for update files is world writable potentially allowing firmware to be modified and distributed to all users
|
Denial of Service
|
|
- Service can be attacked in a way that denies service to that service or the entire device
|
Removal of Storage Media
|
- Device Physical Interfaces
|
- Ability to physically remove the storage media from the device
|
No Manual Update Mechanism
|
|
- No ability to manually force an update check for the device
|
Missing Update Mechanism
|
|
- No ability to update device
|
Firmware Version Display and/or Last Update Date
|
|
- Current firmware version is not displayed and/or the last update date is not displayed
|