I'm not picking on this one manufacturer of garage doors. They just happened to be the subject of this news article today. But they have 20,000 user accounts controlling 40,000 smart devices and there's a significant security flaw in their products.
The company uses a universal password AND the users' data is left unencrypted. A hacker was able to get into the user data and demo the ability to open garage doors with info taken from the site.
A 10-minute conversation with Intertek's Cybersecurity team could've exposed this vulnerability, and further testing and certification could've ensured security against future attempts.
Since manufacturers and brand-owners continue to fail at protecting their connected devices from hacks (and therefore failing to protect their customers), it's now in the hands of WE THE PEOPLE to demand that these devices have proven protection. Otherwise we're putting ourselves, our loved ones, our privacy, and all of our "stuff" at risk.
“Using a universal password for all devices presents a significant vulnerability, as unauthorized users can access the entire ecosystem by obtaining the shared password,” Sabetan wrote. “In doing so, they could compromise not only the privacy but also the safety of Nexx’s customers by controlling their garage doors without their consent.”
unknownx500
/Passle/60211dc9e5416a0c14bc63d4/SearchServiceImages/2025-12-03-19-31-44-490-69309020a71bd983b528ca6c.jpg)
