Cybersecurity company Rapid7 said it has found vulnerabilities in a Wi-Fi connected home security system: the system exposes an unauthenticated API and uses an unencrypted radio signal that can be easily intercepted.
Rapid7 said that, together, these vulnerabilities in the Fortress S03 system, which uses Wi-Fi to connect cameras, motion sensors and sirens, can be exploited to let bad actors or non-owners disarm the security system.
Rapid7 says it made these details public after not hearing from Fortress in three months, the standard window of time that security researchers give companies to fix bugs before details are made public. Rapid7 said the only acknowledgment of its email was Fortress closing its support ticket a week later without comment.
TechCrunch reported receiving an email from Bottone Reiling, a Massachusetts law firm representing Fortress, in which the firm called the claims "false, purposely misleading and defamatory."
Rapid7 reported that the system's unauthenticated API can be queried remotely over the internet without the server checking whether the request is legitimate. The researchers say that by submitting a system owner's email address, they could get the server to return the device's IMEI, which could then be used to remotely disarm the system.