{"id":95400,"date":"2016-07-26T17:19:52","date_gmt":"2016-07-26T15:19:52","guid":{"rendered":"http:\/\/www.ifun.de\/?p=95400"},"modified":"2016-07-26T17:24:26","modified_gmt":"2016-07-26T15:24:26","slug":"angeblich-schwere-sicherheitsluecken-bei-osram-lightify","status":"publish","type":"post","link":"https:\/\/www.ifun.de\/angeblich-schwere-sicherheitsluecken-bei-osram-lightify-95400\/","title":{"rendered":"Angeblich schwere Sicherheitsl\u00fccken bei Osram Lightify"},"content":{"rendered":"<p>Das Beleuchtungssystem <a href=\"https:\/\/www.osram-lamps.de\/smart-home\/index.jsp\">Osram Lightify<\/a> weist offenbar mehrere teils schwere Sicherheitsl\u00fccken auf. Angreifer k\u00f6nnten einem Bericht des Sicherheitsdienstleisters <a href=\"https:\/\/www.rapid7.com\">Rapid7<\/a> zufolge nicht nur Zugriff auf die Lichtsteuerung erhalten, sondern auch das Kennwort des privaten WLAN-Netzes herausfinden.<\/p>\n<p><a href=\"http:\/\/images.ifun.de\/wp-content\/uploads\/2016\/07\/osram-lightify-programm.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/images.ifun.de\/wp-content\/uploads\/2016\/07\/osram-lightify-programm.jpg\" alt=\"Osram Lightify Programm\" width=\"500\" height=\"260\" class=\"alignnone size-full wp-image-95401\" srcset=\"https:\/\/images.ifun.de\/wp-content\/uploads\/2016\/07\/osram-lightify-programm.jpg 500w, https:\/\/images.ifun.de\/wp-content\/uploads\/2016\/07\/osram-lightify-programm-300x156.jpg 300w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/a><\/p>\n<p>Der vom IT-Magazin <a href=\"http:\/\/www.zdnet.com\/article\/serious-security-flaws-found-in-osram-smart-bulbs\/\">ZDNet<\/a> zitierte Bericht schildert die M\u00f6glichkeit, Osram Lightify als Einfallstor und Basis f\u00fcr verschiedene Angriffsszenarien zu nutzen. Das Magazin h\u00e4lt sich mit Details allerdings weitgehend zur\u00fcck.<\/p>\n<blockquote>\n<p>The security firm said in an advisory that one of the worst flaws could allow an attacker to &quot;take control of a product&quot; in order to launch attacks against a browser by allowing the injection of persistent JavaScript and web-based HTML code into the web management interface.<br \/>That could lead to browser-based attacks against a user.<br \/>Another severe weakness in the smart home device allows an attacker to identify the wireless network&#39;s password. The devices use short, eight-character codes, which can be easily cracked within a matter of minutes or hours.<\/p>\n<\/blockquote>\n<p>Bei Osram war f\u00fcr eine Stellungnahme niemand zu erreichen. Wir gehen zumindest davon aus, dass der Hersteller wenn n\u00f6tig schnellstm\u00f6glich ein fehlerbehebendes Update ver\u00f6ffentlicht oder die Darstellung der Sicherheitsforscher korrigiert.<\/p>\n","protected":false},"excerpt":{"rendered":"<a href=\"https:\/\/www.ifun.de\/angeblich-schwere-sicherheitsluecken-bei-osram-lightify-95400\/\"><img width=\"150\" height=\"150\" src=\"https:\/\/images.ifun.de\/wp-content\/uploads\/2016\/07\/osram-lightify-150x150.jpg\" class=\"alignright tfe wp-post-image\" alt=\"Osram Lightify\" decoding=\"async\" loading=\"lazy\" \/><\/a><p>Das Beleuchtungssystem Osram Lightify weist offenbar mehrere teils schwere Sicherheitsl\u00fccken auf. Angreifer k\u00f6nnten einem Bericht des Sicherheitsdienstleisters Rapid7 zufolge nicht nur Zugriff auf die Lichtsteuerung erhalten, sondern auch das Kennwort des privaten WLAN-Netzes herausfinden. Der vom IT-Magazin ZDNet zitierte Bericht schildert die M\u00f6glichkeit, Osram Lightify als Einfallstor und Basis f\u00fcr verschiedene Angriffsszenarien zu nutzen. Das [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":95402,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[2516,1572],"class_list":["post-95400","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-osram-lightify","tag-smarthome"],"acf":[],"aioseo_notices":[],"featured_image":["http:\/\/images.ifun.de\/wp-content\/uploads\/2016\/07\/osram-lightify.jpg"],"rest_api_enabler":{"featured_image":"http:\/\/images.ifun.de\/wp-content\/uploads\/2016\/07\/osram-lightify.jpg"},"_links":{"self":[{"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/posts\/95400","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/comments?post=95400"}],"version-history":[{"count":4,"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/posts\/95400\/revisions"}],"predecessor-version":[{"id":95406,"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/posts\/95400\/revisions\/95406"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/media\/95402"}],"wp:attachment":[{"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/media?parent=95400"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/categories?post=95400"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ifun.de\/apiv2\/wp\/v2\/tags?post=95400"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}