Wi-Fi Weakness: Traeger Grill Vulnerable to Remote Exploitation
Researchers at Bishop Fox have disclosed several vulnerabilities in the Wi-Fi controller of the Traeger Grill D2, a smart grill whose cooking can be monitored and adjusted remotely from a mobile app. The controller sits between Traeger's cloud API and a device that burns fuel, so a flaw that lets a stranger drive it is a safety problem as well as a privacy one.
The researchers highlighted the following identified issues:
- Insufficient Authorization Controls
- Sensitive Information Disclosure
- Unencrypted Firmware
- Exposed Debug Ports
The first issue is an authorization flaw in the API used to register a grill to an account. The API checked that the caller was authenticated, but not that the caller actually possessed the grill, so anyone who knew a grill's identifier (a 48-bit value) could register that grill to their own account and then perform privileged operations on it, such as changing the cooking temperature. The identifier is assigned by the vendor rather than chosen by the user and is not treated as a secret, so it should never have been the only thing standing between an attacker and someone else's grill.
Traeger has released a firmware update that addresses this issue. Grills that are connected to the internet receive it automatically; a grill that has been kept offline or switched off at the wall will not, so owners should confirm in the app that the controller is running the updated firmware rather than assume it.
A second issue was found in the GraphQL API used by the mobile application: its ListGrills operation returned information about every registered grill, not just the caller's. Reaching the API required an API key and an AWS Cognito token, but every legitimate user of the app holds both, so those requirements authenticate the caller without restricting which grills the caller may see. If the returned data includes grill identifiers, the operation also supplies exactly the input the registration flaw above needs. In response to the report, Traeger disabled the ListGrills operation entirely.
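The two flaws above, registration without proof of possession and a listing operation that ignores the caller, are the same mistake in two places: authentication is checked, authorization is not. The following is an added example, not Traeger's backend or Bishop Fox's proof of concept. It models both handlers in their vulnerable and hardened forms against an in-memory backend; the handler names, the pairing-code mechanism, the grill identifiers and the account names are all assumptions made for the illustration.

```python
# Toy model of the two authorization flaws in the write-up. Constructed example:
# the handlers, the pairing-code scheme and every identifier below are assumed,
# not taken from Traeger's API or the Bishop Fox advisory.
from dataclasses import dataclass, field
from typing import Dict, List, Optional
import secrets


@dataclass
class Grill:
    grill_id: str                 # 48-bit identifier as 12 hex digits; not a secret
    owner: Optional[str] = None   # account the grill is currently bound to
    pairing_code: str = ""        # hypothetical one-time code shown on the controller
    temperature_f: int = 225


@dataclass
class Backend:
    grills: Dict[str, Grill] = field(default_factory=dict)


class AuthorizationError(Exception):
    pass


# --- Vulnerable behaviour: caller is authenticated, ownership is never checked ---

def register_grill_vulnerable(backend: Backend, caller: str, grill_id: str) -> bool:
    """Any authenticated caller who knows a grill ID becomes its owner."""
    grill = backend.grills[grill_id]
    grill.owner = caller          # silently rebinds a grill that belongs to someone else
    return True


def list_grills_vulnerable(backend: Backend, caller: str) -> List[str]:
    """The caller is ignored: every grill in the system is returned."""
    return [g.grill_id for g in backend.grills.values()]


# --- Hardened versions --------------------------------------------------------

def register_grill_hardened(backend: Backend, caller: str, grill_id: str,
                            pairing_code: str) -> bool:
    """Bind a grill only on proof of possession, never by stealing it from an owner.

    Every failure raises the same message so the endpoint does not act as an
    oracle for which 48-bit identifiers exist or are already claimed.
    """
    grill = backend.grills.get(grill_id)
    if grill is None:
        raise AuthorizationError("registration refused")
    if grill.owner is not None and grill.owner != caller:
        raise AuthorizationError("registration refused")
    if not grill.pairing_code or not secrets.compare_digest(pairing_code, grill.pairing_code):
        raise AuthorizationError("registration refused")
    grill.owner = caller
    grill.pairing_code = ""       # single use; the device would show a fresh code next time
    return True


def list_grills_hardened(backend: Backend, caller: str) -> List[str]:
    """Scope the result to grills the caller owns."""
    return [g.grill_id for g in backend.grills.values() if g.owner == caller]


# --- A privileged operation that trusts the ownership record -------------------

def set_temperature(backend: Backend, caller: str, grill_id: str, temp_f: int) -> int:
    grill = backend.grills[grill_id]
    if grill.owner != caller:
        raise AuthorizationError("not your grill")
    grill.temperature_f = temp_f
    return grill.temperature_f


def build_backend() -> Backend:
    """Constructed sample data: one grill owned by 'victim', one not yet registered."""
    backend = Backend()
    backend.grills["0123456789ab"] = Grill("0123456789ab", owner="victim", pairing_code="729144")
    backend.grills["a1b2c3d4e5f6"] = Grill("a1b2c3d4e5f6", owner=None, pairing_code="118650")
    return backend


def attack_vulnerable():
    """Enumerate every grill, claim the victim's, then drive it."""
    backend = build_backend()
    leaked = list_grills_vulnerable(backend, "attacker")
    target = "0123456789ab"
    register_grill_vulnerable(backend, "attacker", target)
    set_temperature(backend, "attacker", target, 500)
    return len(leaked), backend.grills[target].owner, backend.grills[target].temperature_f


def attack_hardened():
    """The same attacker against the hardened handlers sees nothing and gets nothing."""
    backend = build_backend()
    leaked = list_grills_hardened(backend, "attacker")
    try:
        register_grill_hardened(backend, "attacker", "0123456789ab", "000000")
        registered = True
    except AuthorizationError:
        registered = False
    return len(leaked), registered, backend.grills["0123456789ab"].owner


def legitimate_hardened():
    """A real owner holding the code from the controller still registers normally."""
    backend = build_backend()
    ok = register_grill_hardened(backend, "newowner", "a1b2c3d4e5f6", "118650")
    return ok, list_grills_hardened(backend, "newowner")


if __name__ == "__main__":
    print("vulnerable:", attack_vulnerable())
    print("hardened:  ", attack_hardened())
    print("legitimate:", legitimate_hardened())
```

The point of the hardened registration is that knowledge of the identifier alone proves nothing; the caller must present something only the person standing at the grill can obtain, and an identifier that is already bound cannot be rebound by a different account. The single generic error message matters too: distinct "unknown grill" and "already registered" responses would let an attacker confirm which identifiers are live.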
Findings like these are a reminder that consumer IoT devices need the same authorization review as any other networked API. As a mitigation that does not depend on the firmware update, Bishop Fox recommends that owners use the grill's physical power switch to disconnect it completely when it is not in use, so the controller cannot be reached over Wi-Fi at all.