Skip to main content
  1. Home
  2. Web
  3. News

Dangerous security flaw discovered in smart commercial dishwasher

By

miele professional smart bug iotwasher
Miele
Another ‘smart’ appliance has been found with serious security flaws by white hat hackers. This time around it’s a commercial washer-disinfector produced by Miele Professional, which connects to the Internet of Things, but allows anyone connecting to it to request any file from its web server.

The Miele Professional PG8528 is big dishwasher and disinfector that’s designed for cleaning restaurant dishes and/or medical apparatus. As with many contemporary appliances, Miele has made it connected. With a built-in RS232 serial connector and Ethernet cable, it can be hooked up to various other appliances and a local network for wider internet connectivity.

Recommended Videos

That’s great for smart functions, but when it has a poorly secured web server back-end, it means that the appliance could be hacked by anyone with a rudimentary understanding of security.

Related

The flaw is because the PST10 webserver embedded in the machine, “typically listens to port 80 and is prone to a directory traversal attack.” That could theoretically allow an attacker to discover sensitive information about the local network or the organization managing it, thereby giving them a new attack vector in the future.

This bug was discovered by Jens Regel of Schneider & Wulf, who purportedly contacted Miele Professional about the problem in November last year. However after speaking with a security representative at the company, they received no response for several months. With that in mind, they have now made the flaw public, in the hope that the company does something about it.

At the time of writing, no official statement has been made by Miele Professional, and the full disclosure page for the bug suggests that there has been no fix for the security problem as of yet.

Unfortunately, this sort of exploit path using IoT devices is becoming far too common. While we might not go as hard on the acronyms as ZDnet, as it points out, with more and more device manufacturers looking to make their appliances smart without impacting the cost of the product too much, we could see many more of these kinds of bugs in the future. In turn, that could enable much more dangerous attack vectors.

Possibly complicating matters, the head of the FCC, Maureen Ohlhausen, recently stated that she would rather the IoT industry be self-regulated, rather than being obligated to respond to strict federal regulation. In the absence of responsible industry players, that could leave many consumers at risk of further attacks.

Editors' Recommendations

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
How to enable picture-in-picture for YouTube on your Mac
Macbook Air

If you want to have a bit of music playing in the background or want to have your favorite YouTube video running in the corner of your screen, then the picture-in-picture YouTube feature needs to be on your radar. This allows you to turn your YouTube videos into a tiny pop-up window that can be moved and repositioned around your screen.

Mac users have several ways to activate the feature, including support on both Safari and Google Chrome. There's also a nifty Chrome extension that simplifies the task to a single button press. Here's a look at how to enable picture-in-picture for YouTube on your Mac.

Read more
How to change your Gmail password
pilot testing drivers licenses internet rolls two us states password

Changing your Gmail password is incredibly important for your online security. If you're anything like the average user, your Gmail account is linked to dozens of other organizations and programs – and if your account gets hacked, there's no telling what sort of damage can be done.

Because of this, it's crucial to change your Gmail password at regular intervals. Google makes this a rather painless process, and it should take no more than a few seconds from start to finish.

Read more
Best Buy deals: Save on laptops, TVs, appliances, and more
best buy shuts down insignia line smart home products store 2 768x768

Best Buy is always a great retailer to turn to if you’re looking for some savings. There are almost always Best Buy deals taking place on TVs, appliances, and devices we use to navigate the digital world. In fact, right now at Best Buy you can find some of the best TV deals, best laptop deals, and best phone deals that can be shopped, and we haven’t even mentioned the deals on tablets and home audio equipment currently taking place at Best Buy. We’ve rounded up all of the best Best Buy deals you can shop right now and categorized them for your convenience below, so read onward for some great opportunities to save.
Best Buy TV deals

There may be no better place to purchase one of the best TVs than Best Buy. There is almost always some huge savings to find on TVs at Best Buy, and that’s certainly the case right now. You’ll find deals top TV brands like Sony, Samsung, and LG, and more budget-friendly brands like TCL and Hisense are in play, too.

Read more