The German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik BSI) warns against the use of an Abus wireless door lock. The HomeTec Pro CFA3000 model is affected. In contrast to the successor, which is considered secure, the older model can be recognized by the fact that it does not have a Bluetooth logo on the front.
The BSI recommends replacing the affected door lock immediately. Logically, by exploiting the vulnerability, direct access to the actual locked apartment or office floor can be gained.
ABUS confirms the unspecified error and points out that the HomeTec Pro CFA3000 has been replaced by a successor model since March. In plain language this means that old models must be replaced at your own expense.
This shows once again that smart home devices that cannot be updated and at the same time perform critical tasks can quickly become a cost factor should security gaps be discovered. Those affected by a faulty lock can currently consider the following smart home locks:
