Security Experts:

Connect with us

Hi, what are you looking for?


IoT Security

Vulnerabilities Can Allow Hackers to Disarm Fortress Home Security Systems

Researchers at cybersecurity firm Rapid7 have identified a couple of vulnerabilities that they claim can be exploited by hackers to remotely disarm one of the home security systems offered by Fortress Security Store.

Researchers at cybersecurity firm Rapid7 have identified a couple of vulnerabilities that they claim can be exploited by hackers to remotely disarm one of the home security systems offered by Fortress Security Store.

Fortress Security Store is a physical security solutions provider based in the United States. The company says thousands of consumers and businesses use its products.

Fortress home security systems can be disarmed by hackersThe flaws were found in Fortress’ S03 WiFi Security System, which connects to an existing Wi-Fi network or phone line. The system can include security cameras, window and door sensors, motion detectors, glass break and vibration sensors, as well as smoke, gas and water alarms.

Rapid7 researchers discovered that the product is affected by two vulnerabilities — both rated medium severity based on their CVSS score — that can be exploited remotely.

One of them, tracked as CVE-2021-39276, has been described as an unauthenticated API access issue. An attacker who knows the targeted user’s email address — the attack cannot be launched without this piece of information — can use the email address to query the API and obtain the security system’s associated IMEI number. Once they have obtained the IMEI, the attacker can send unauthenticated POST requests to make changes to the system, including to disarm it.

The second flaw, tracked as CVE-2021-39277, can be exploited to launch a radio frequency (RF) signal replay attack. Due to the fact that communications between different components of the home security system are not properly protected, an attacker can capture various commands — such as arm or disarm — using a software-defined radio device, and then replay those commands at a later time.

This attack does not require any prior knowledge of the targeted system, but it can only be launched by an attacker who is in the radio range of the target.

Rapid7 said it initially reported the flaws to Fortress in mid-May and again in mid-August. However, there does not appear to be a patch for the vulnerabilities.

There is not much that users can do to prevent RF attacks — except to avoid using key fobs and other RF devices linked to the system. Exploitation of CVE-2021-39276 can be prevented by registering the system with a unique email address that an attacker is unlikely to guess or obtain.

SecurityWeek has reached out to Fortress for comment, but we have not received a reply beyond an automated email confirming that our message was received.

Related: FragAttacks: New Vulnerabilities Expose All Devices With Wi-Fi to Attacks

Related: Smart Lightbulbs Used to Compromise Home and Business Networks

Related: Vulnerability Allows Hackers to Unlock Smart Home Door Locks

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.