The affected internet-connected models can be discovered by hackers or pranksters using simple internet scanning tools like Nmap and Shodan and remotely accessed to play an audio clip of their choosing, researchers said.
"This site, with no authentication, allows you to see information about the tracks now being played, what music libraries it knows about, what devices have ever connected to it to control it, and down to personal information such as emails associated with specific audio streaming services like Spotify", the report stated.
As well as playing any sound or voice command at will, the speakers also revealed the name of the Wi-Fi network they were connected to, and the owner's Spotify and Pandora username. Only a small fraction of Sonos and Bose speakers are vulnerable, but it's certainly an odd exploit to keep an eye out for. Since home assistants have access to several other internet-connected devices, including door locks, this could pose serious security concerns to people who have turned their place into an internet-connected smart home.
For example, the researchers point out, if there's a smart speaker nearby, an attacker could use their access to the vulnerable speaker to trigger commands on it.
Trend Micro has notified Sonos and Bose regarding the security vulnerabilities.
The researchers discovered a security vulnerability in a small proportion of speakers made by Bose and Sonos, including the Sonos Play:1, Sonos One, and Bose SoundTouch products, according to a report in International Business Times.
The problem, it appears, comes down to how simple connected-speaker companies try to make setting up their devices.
If there's a poorly secured external network connection, such as hosting files accessible over the internet from a network-attached storage device or running a game server, or a compromised IoT device already connected to that network, that combination could allow the hack. Trend Micro also found that there was an unauthenticated status page being served by Sonos devices. She resorted to unplugging her speaker; you might just need to ensure that your network is properly protected, with no compromised devices or routers running default admin passwords.
A Sonos representative told Wired in an email that it is looking into the hacking further, but stated that this specific instance references a misconfiguration of a user's network and impacts a very small number of users. The Sonos flaws, in particular, could have enabled an attacker to gain information about Sonos users as well as potentially enabling limited control of a device to play songs. Another was access to a list of devices as well as shared folders that were on the same network as the test device.
All the same, this small-scale attack on certain speakers is likely to be just the tip of the IoT security iceberg. Even though simply getting access to a vulnerable Sonos device might initially seem like a nuisance-type attack, there is the potential that the vulnerable device could become a launching point for a wider, more invasive attack. Moreover, in their eagerness to minimize installation headaches in order to maximize IoT adoption, manufacturers may be inadvertently leaving users' networks at risk.