
Any IoT device can be hacked, even grills

As more and more household appliances and devices become internet-enabled, they also become susceptible to potential exploitation. Serious grillers now face the possibility of wasted barbecue—not because they chose the wrong cut of meat or didn’t pay enough attention to maintaining the perfect temperature, but because their grill got hacked.

Nick Cerne of Bishop Fox has discovered multiple security flaws in certain types of Traeger grills, a well-known grilling and smoking brand. The affected models are equipped with the Traeger Grill D2 Wi-Fi Controller, a built-in device that lets you control the grill using a mobile app. The vulnerabilities could allow a remote attacker to issue commands to the grill, such as obtaining information about the grill, including the serial number, or completely shutting it down.

Putting aside the question of why any grill needs a mobile app, this is the kind of intrusion most people don’t expect when grilling. Take the first vulnerability, with a severity score of 7.1 (high), which is a weak authorization check issue in the API responsible for registering the grill. The Bishop Fox research team was able to remotely turn off the grill (owned by a non-researcher) and also increase the temperature. In this case, the researchers changed the temperature from 165 degrees Fahrenheit to 500 degrees Fahrenheit.

“Instead of being smoked into a delicious meal, the tofu was reduced to a blackened, inedible crispiness,” Bishop Fox’s team wrote in a research note. “The lack of authorization controls could be used to antagonize Traeger grill owners by setting the temperature to a maximum of 500 degrees Fahrenheit for the remainder of the cooking cycle, ruining food that was cooked unattended.”
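To make the "weak authorization check" concrete, here is an added, hypothetical illustration (not Bishop Fox's finding and not Traeger's code) of a minimal app-to-appliance backend. The first service treats knowledge of the device identifier as sufficient to issue commands; the second requires a proof of possession at pairing time and ties every command to the account that completed pairing. The 48-bit hex identifier, the pairing secret, the account names and the temperature values are constructed sample data.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed, hypothetical backend for an app-controlled appliance.
# Not Traeger's API; names, flow and sample values are assumptions for illustration.

MAX_TEMP_F = 500   # upper bound the page mentions; used here as a sanity limit


@dataclass
class Device:
    device_id: str                 # 48-bit identifier printed on a sticker / seen in pairing traffic: not a secret
    pairing_secret: bytes          # per-device secret shared only by the device and the backend
    owner: Optional[str] = None    # account that completed pairing
    target_temp_f: int = 165
    powered_on: bool = True


def device_sign(dev: Device, challenge: bytes) -> bytes:
    """What the physical device computes for the app during local pairing (proof of possession)."""
    return hmac.new(dev.pairing_secret, challenge, hashlib.sha256).digest()


class WeakService:
    """Authorization check that only requires knowing the device identifier."""

    def __init__(self, devices: List[Device]):
        self.devices: Dict[str, Device] = {d.device_id: d for d in devices}

    def set_temperature(self, caller: str, device_id: str, temp_f: int) -> bool:
        dev = self.devices.get(device_id)
        if dev is None:
            return False
        dev.target_temp_f = temp_f     # no check that caller owns the device
        return True


class HardenedService:
    """Pairing requires proof of possession; commands require ownership."""

    def __init__(self, devices: List[Device]):
        self.devices: Dict[str, Device] = {d.device_id: d for d in devices}

    def pairing_challenge(self) -> bytes:
        return secrets.token_bytes(16)

    def pair(self, caller: str, device_id: str, challenge: bytes, response: bytes) -> bool:
        dev = self.devices.get(device_id)
        if dev is None or dev.owner is not None:
            return False               # unknown device, or already claimed by another account
        if not hmac.compare_digest(device_sign(dev, challenge), response):
            return False               # caller could not prove possession of the device
        dev.owner = caller
        return True

    def set_temperature(self, caller: str, device_id: str, temp_f: int) -> bool:
        dev = self.devices.get(device_id)
        if dev is None or dev.owner != caller:
            return False               # the identifier alone is not authorization
        if not 0 <= temp_f <= MAX_TEMP_F:
            return False
        dev.target_temp_f = temp_f
        return True


def demo() -> dict:
    """Run both services against the same scenario and return what each allowed."""
    dev_id = "A1B2C3D4E5F6"   # constructed 48-bit identifier

    weak_dev = Device(dev_id, secrets.token_bytes(32))
    weak = WeakService([weak_dev])
    weak_stranger_ok = weak.set_temperature("stranger", dev_id, MAX_TEMP_F)

    dev = Device(dev_id, secrets.token_bytes(32))
    svc = HardenedService([dev])
    challenge = svc.pairing_challenge()
    owner_paired = svc.pair("owner", dev_id, challenge, device_sign(dev, challenge))
    stranger_cmd = svc.set_temperature("stranger", dev_id, MAX_TEMP_F)
    stranger_repair = svc.pair("stranger", dev_id, challenge, device_sign(dev, challenge))
    owner_cmd = svc.set_temperature("owner", dev_id, 225)

    return {
        "weak_stranger_ok": weak_stranger_ok,
        "weak_temp": weak_dev.target_temp_f,
        "owner_paired": owner_paired,
        "stranger_cmd": stranger_cmd,
        "stranger_repair": stranger_repair,
        "owner_cmd": owner_cmd,
        "hardened_temp": dev.target_temp_f,
    }


if __name__ == "__main__":
    print(demo())
```

The two defensive properties worth noting: pairing refuses a second claimant once a device has an owner, so an identifier harvested later cannot be used to take over an already-registered device, and command handling checks the requester against the recorded owner rather than trusting the identifier in the request.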

While the researchers were able to wake the grill from standby mode, manipulate the temperature, and turn it off, they were unable to identify a way to remotely light the grill. However, the findings underscore something that is crucial to IoT security: whether a problem can actually be fixed once it is found.

In this case, Traeger has automatic firmware updates for its grills. This means that all Traeger grills affected by the insufficient-authorization vulnerability that are connected to the internet have already been updated, without the grill owner having to take any action. The challenge with the Internet of Things has always been what to do when vulnerabilities are found — users don’t download updates and then figure out how to load them onto devices like refrigerators, cameras, and, in this case, grills. The fact that Traeger is taking care of this task so grill owners don’t have to is crucial. More manufacturers need to build update mechanisms that make this possible and safe for users, because so many of these systems are able to connect to the internet.

It’s important to note, however, that any potential attacker will first need the unique 48-bit identifier of the target grill. This limits the pool of attackers to those in close proximity—close enough to intercept network traffic when the grill is paired with the app, or close enough to scan the QR code on the sticker on the grill. This highlights the second lesson about potential IoT attacks: keeping track of what’s happening with your devices, securing your network from guests, and maintaining physical control over devices all help prevent exploitation attempts.

“Bishop Fox also recommends using a physical power switch to turn off grills when not in use.” This seems like good advice on all counts.