Z-Wave, a company that manufactures IoT chips present in millions of devices worldwide, has a serious security problem: Its chips can have their pairing security downgraded to give attackers near-immediate access to all Z-Wave devices on a network.
The exploit is called Z-Shave, and it has been known, and supposedly fixed, since 2013. The flaw rests in Z-Wave’s pairing protocol, which in 2013 was called S0. S0 transmitted network keys to network nodes encrypted with a key of all zeroes, which allowed them to be sniffed by attackers within radio frequency (RF) range.
Z-Wave fixed the S0 exploit in 2013 by introducing S2, a new security protocol that used advanced encryption and improved authentication to protect security keys. One problem: It’s easily downgradable to S0, and from there an attacker can easily take control of all the Z-Wave devices on a network.
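
A defender-side check for the downgrade described above, as an added example that is not part of the original article: it flags devices known to support S2 that ended up paired with S0 or with no security. The inventory format, field names, finding labels and sample rows are constructed assumptions, not a real controller export.

```python
import csv
import io

# Constructed sample inventory (assumed format, not a real controller export).
# supports_s2 comes from the device's documentation; granted_security is what
# the controller reports the node was actually paired with.
SAMPLE_INVENTORY = """\
node_id,name,supports_s2,granted_security
2,front-door-lock,yes,S2
3,garage-sensor,yes,S0
4,hall-dimmer,no,S0
5,old-plug,no,none
6,window-sensor,yes,none
"""

KNOWN_LEVELS = {"none", "S0", "S2"}


def classify(supports_s2, granted):
    """Return a finding label for one node."""
    if granted not in KNOWN_LEVELS:
        raise ValueError(f"unknown security level: {granted!r}")
    if supports_s2:
        # An S2-capable device paired below S2 is the downgrade symptom.
        return "ok" if granted == "S2" else "downgraded"
    if granted == "S2":
        return "inconsistent"  # inventory says no S2, controller says S2
    # S0-only devices are not downgraded, but their key exchange was sniffable.
    return "s0-only" if granted == "S0" else "unsecured"


def audit(inventory_csv):
    """Map node_id -> finding for every row of the inventory."""
    findings = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        supports = row["supports_s2"].strip().lower() == "yes"
        granted = row["granted_security"].strip()
        findings[int(row["node_id"])] = classify(supports, granted)
    return findings


def nodes_to_re_pair(findings):
    """Node ids to remove and pair again, confirming S2 was granted."""
    return sorted(n for n, f in findings.items() if f == "downgraded")


if __name__ == "__main__":
    result = audit(SAMPLE_INVENTORY)
    for node, finding in sorted(result.items()):
        print(node, finding)
    print("re-pair:", nodes_to_re_pair(result))
```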