Vulnerabilities found in Insteon wireless protocol and hub

The following is from the Rapid7 blog:

Insteon Hub: Unencrypted credential storage and radio replay vulnerabilities

Two issues related to authentication and radio transmission security were discovered in the Insteon Hub:

CVE-2017-5250, R7-2017-20.1, CWE 922 (Insecure Storage of Sensitive Information): the OAuth token used by the Insteon Android application to authorize user access is not stored in an encrypted and secure way.
CVE-2017-5251, R7-2017-20.2, CWE 294 (Authentication Bypass by Capture-replay): the radio transmissions used for communication between the Hub and connected devices are not encrypted, and do not provide sufficient protections to guard against capture-replay attacks.
