Have you guys seen this?
https://www.pentestpartners.com/security-blog/z-shave-exploiting-z-wave-downgrade-attacks/
Is it posible to implement a feature that detects this kind of attack?
Have you guys seen this?
https://www.pentestpartners.com/security-blog/z-shave-exploiting-z-wave-downgrade-attacks/
Is it posible to implement a feature that detects this kind of attack?
From the article:
This means that an attacker in RF range when the device is paired can obtain the network key and attack any device on the network.
I don’t mean to imply that this is not a problem, but I think this is a relatively lower risk issue. Someone would have to be in very close proximity to your house (i.e., in or right next to) and watching your z-wave traffic at the moment your pair a device.
Attacks like this are lower risk because it’s so low yield for an attacker. They have to be in range of your z-wave controller at the moment a new device is paired - so it’s not like they can drive around looking for houses with z-wave and immediately open the z-wave door lock or exploit it with a script over the internet, etc.
This reminds me of early bluetooth days when similar issues existed with the pairing process.
Maybe it’s possible to detect, but I’m with @ha_steve - it’s overblown (IMO bordering on FUD). If something like this worries you then you should be more concerned that somebody could take a picture of your key when you approach your front door, and then 3D print a copy
This is super low risk… For this attack to work you need:
So the conditions for it to be exploited are pretty narrow. I am not saying it could not happen but it’s not likely.
I for one will continue to watch for strange vans on my front street before adding z-wave devices to ensure no deep-state attempts to gain control over my home lighting occurs!