Hackers could ruin your next cookout if you own one of these smart grills — update right now
An attacker would need to be close to take control of your grill though
If you’re thinking of firing up your grill for a 4th of July BBQ today, I’ve got bad news for you. A new high-severity vulnerability in some of the best grills from Traeger can be exploited by hackers to completely ruin your cookout.
As reported by The Register, a security consultant at Bishop Fox recently discovered two security flaws along with some other issues in several Traeger smart grills and detailed their findings in a blog post. The grills in question have a Traeger Grill D2 Wi-Fi Controller module that allows them to be controlled using a mobile app.
Of these vulnerabilities, one has a high severity score of 7.1, while the other is less severe, with a score of 4.3. Still, if exploited by an attacker, these flaws can be used to change temperature controls or shut down a grill before a cook is finished.
The first flaw is an insufficient authorization control issue that can be used to capture network traffic while someone is pairing their grill with Traeger’s app. For this vulnerability to be exploited, an attacker must know the unique 48-bit identifier of the grill they’re targeting. However, this identifier can also be obtained by scanning a QR code located inside the grill’s pellet hopper.
Either way, an attacker must be relatively close to a vulnerable Traeger grill to pull this off. If you haven’t upset anyone with a background in cybersecurity or hacking, you and your 4th of July cookout should be safe. Still, you will want to update your Traeger grill sooner rather than later to avoid falling victim to such an attack.
How to update your Traeger grill
After Bishop Fox security consultant Nick Cerne discovered these flaws and reported them to Traeger, the company updated the firmware of its grills to patch both vulnerabilities. However, there are a few steps you’ll need to take to apply these updates to your Traeger grill.
Instead of needing to be updated manually, the company’s grills update on their own whenever new software is available. For this process to work, though, your grill must be plugged in with the power button in the ON position while connected to Wi-Fi. Your Traeger grill will attempt to update automatically four times. If it fails during this process, the grill will not try again until the next update is available.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
If you need extra help updating your Traeger grill, this support page has everything you need to know about the update process.
Smart devices may be convenient, but they can also put you at risk if you don’t install the latest updates when they become available. This is why you should periodically check to see if any new updates have been released. In this case though, that means leaving your Traeger grill on in standby mode and connected to Wi-Fi at least once a month.
More from Tom's Guide
- Downloading this new browser could leave your Mac with a nasty malware infection
- Hackers are now using 'malware cluster bombs' in their attacks
- Samsung phones just got a major security update, but a fix for a dangerous zero-day is still missing
Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.
-
USAFRet Q1: Why do you have/need a 'smart grill'?Reply
I grill 3-4-5 times a week, and never once, in the history of ever, has my grill been 'hacked'.
Simply because it does not have, nor do I need, that "functionality". -
COLGeek
Exactly! Not all things need to be "smart".USAFRet said:Q1: Why do you have/need a 'smart grill'?
I grill 3-4-5 times a week, and never once, in the history of ever, has my grill been 'hacked'.
Simply because it does not have, nor do I need, that "functionality".