Skip to main content
  1. Home
  2. Web
  3. News

Dangerous security flaw discovered in smart commercial dishwasher

By

miele professional smart bug iotwasher
Miele
Another ‘smart’ appliance has been found with serious security flaws by white hat hackers. This time around it’s a commercial washer-disinfector produced by Miele Professional, which connects to the Internet of Things, but allows anyone connecting to it to request any file from its web server.

The Miele Professional PG8528 is big dishwasher and disinfector that’s designed for cleaning restaurant dishes and/or medical apparatus. As with many contemporary appliances, Miele has made it connected. With a built-in RS232 serial connector and Ethernet cable, it can be hooked up to various other appliances and a local network for wider internet connectivity.

Recommended Videos

That’s great for smart functions, but when it has a poorly secured web server back-end, it means that the appliance could be hacked by anyone with a rudimentary understanding of security.

Related

The flaw is because the PST10 webserver embedded in the machine, “typically listens to port 80 and is prone to a directory traversal attack.” That could theoretically allow an attacker to discover sensitive information about the local network or the organization managing it, thereby giving them a new attack vector in the future.

This bug was discovered by Jens Regel of Schneider & Wulf, who purportedly contacted Miele Professional about the problem in November last year. However after speaking with a security representative at the company, they received no response for several months. With that in mind, they have now made the flaw public, in the hope that the company does something about it.

At the time of writing, no official statement has been made by Miele Professional, and the full disclosure page for the bug suggests that there has been no fix for the security problem as of yet.

Unfortunately, this sort of exploit path using IoT devices is becoming far too common. While we might not go as hard on the acronyms as ZDnet, as it points out, with more and more device manufacturers looking to make their appliances smart without impacting the cost of the product too much, we could see many more of these kinds of bugs in the future. In turn, that could enable much more dangerous attack vectors.

Possibly complicating matters, the head of the FCC, Maureen Ohlhausen, recently stated that she would rather the IoT industry be self-regulated, rather than being obligated to respond to strict federal regulation. In the absence of responsible industry players, that could leave many consumers at risk of further attacks.

Editors’ Recommendations

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
How to deactivate your Instagram account (or delete it)
A person holding a phone with the Instagram app open on it.

Oh, social media. Sometimes it’s just too much, folks. If you’re finding yourself in a position where shutting down your Instagram account for a period of time sounds good, Meta’s powers that be have made it pretty simple to deactivate your Instagram account. It’s also quite easy to completely delete your Instagram, although we wouldn’t recommend this latter option if you plan on returning to the platform at a later date.

Read more
How to clear cookies
A person uses a tablet with an HP laser printer in an office.

Cookies are a convenient way to experience the parts of the internet you frequently visit. One can think of these non-edible artifacts as digital breadcrumbs for info you may not want to remember every time. But when your computer is tasked with remembering too many of these trail-markers, it can really slow down your machine. Regardless of the browser you’re using, it’s a good idea to clear your cookies every once in a while.

Read more
Best Buy Memorial Day sale: early TV, laptop, and appliance deals
Digital Trends Best Buy Prime Day Deals Alt

While Memorial Day is still several days away, there are a lot of excellent early Memorial Day deals you can pick up right now from Best Buy. That includes everything from the best TVs, the best Phones, the best Air Fryers, and even the best smart home devices out there, so you have a huge variety of deals to pick from. Of course, there is an overwhelming number of options out there, which is why we've scoured Best Buy for our favorite deals in various categories and collected them all below, so be sure to check out everything in detail.

Best Best Buy Memorial Day TV Deals

Read more