Security related ‘news’ that have Zigbee based lighting systems as the subject of their research make me feel on Groundhog Day. They show up repeatedly, and their content is about exchangeable, along with the solution. Ladies and Gentlemen, this time it’s Ikea Trådfri that Synopsys found a flaw in. The flaw exploits malformed Zigbee frames. The vendor patched the flaw in early 2022.
With just one malformed Zigbee frame, attackers could take over certain Ikea smart lightbulbs, leaving users unable to turn the lights down.