Security Analysis of Devolo HomePlug Devices

Abstract

Vulnerabilities in smart devices often are particular severe from a privacy point of view. If these devices form central components of the underlying infrastructure, such as Wifi repeaters, even an entire network may be compromised. The devastating effects of such a compromise recently became evident in light of the Mirai botnet. In this project, we have conducted a thorough security analysis of so-called HomePlug devices by Devolo, which are used to establish network communication over power lines. We have identified multiple security issues and find that hundreds of vulnerable devices are openly connected to the Internet across Europe. 87% run an outdated firmware, showing the deficiency of manual updates in comparison to automatic ones. However, even the default configurations of updated devices lack basic security mechanisms.

Team

Proof-of-Concept Implementations

To foster future research and improve existing implementations, we make all tools for analyzing the devices' firmware as well as proof-of-concept implementations of the attacks publicly available in the repository at:

https://github.com/intellisec/devolo

Publication

A detailed description of our work has been presented at the 12th ACM European Workshop on Systems Security (EuroSec 2019) in March 2019. If you would like to cite our work, please use the reference as provided below.

@InProceedings{SchWre19,
author =    {Rouven Scholz and Christian Wressnegger},
title =     {Security Analysis of Devolo HomePlug Devices},
booktitle = {Proc. of the {ACM} European Workshop on Systems
Security ({EuroSec})},
year =      2019,
month =     mar,
day =       {25.}
}

A preprint of the paper is available here.