Unauthorized attacker can connect to the MQTT server controlling all of Electra's Smart AC units and gain full control of them

Aleph Research Advisory

Identifier

CVE-2023-30160

Severity

Critical

Product

Electra Smart

Technical Details

An attacker can connect to the MQTT server that is used to control all of Electra’s Smart AC units. No authorization or authentication takes place. Following the connection, the attacker gains full control of all the AC units connected to the server.

Timeline

12-Mar-23
: Public disclosure.
12-Mar-23
: CVE-2023-30160 assigned.
30-Oct-22
: Reported.

Posts

Why is it so hot here? Hacking Electra Smart air conditioners for fun and profit
By Lev Aronsky & Idan Strovinsky,
19-Jun 2023

Credit

Lev Aronsky (@levaronsky) of Aleph Research, HCL Technologies
Idan Strovinsky of Aleph Research, HCL Technologies