A security researcher found vulnerabilities in Jacuzzi’s SmartTub interface that allowed access to the personal data of every hot tub owner.
Jacuzzi’s SmartTub feature, like most Internet of Things (IoT) systems, lets users connect to their hot tub remotely via a companion Android or iPhone app. Marketed as a “personal hot tub assistant,” users can make use of the app to control water temperature, switch on and off jets, and change the lights.
But as documented by hacker Eaton Zveare, this functionality could also be abused by threat actors to access the personal information of hot tub owners
コメント