Vulnerability in Vaillant Heating Systems Allows Unauthorized Access
A critical security vulnerability in the heating and power systems of German company Vaillant allows unauthorized people access the systems, turn them off and damage them at will.
Vaillant has sent all its customers a warning, recommending they manually disconnect the vulnerable devices, namely ecoPower 1.0, from the network and wait for one of their employees to fix the systems on site.
Image credit: Vaillant
The heat and power ecoPower 1.0 systems connect to the Internet so their owners can control the heating in their homes from afar via a web interface. It is apparently this web interface that has proven buggy, allowing unauthorized people to access credentials for these systems to perform actions reserved either for home users or Vaillant service technicians.
When a perpetrator seizes access to a technician’s account, he can shut down the heating and power systems, damaging them in freezing winter temperatures or overheating them in summer. Another problem would be that crooks can also find all ecoPower systems connected at some point, since all Vaillant systems are hooked up to a custom DNS service.
Vaillant is offering its customers a fix for the bug while looking into a more permanent security solution in the form of a VPN box to encrypt the connection between the heating and power systems and the manufacturer.