Where there’s smoke…: How a Traeger vulnerability could have put grilling season at risk

Bishop Fox Security Consultant Nick Cerne discovered a vulnerability in Traeger Grills' embedded Wi-Fi Controller, which lets users connect to and control their grills remotely, and worked with the company to disclose it.

 

From consumer drones and smart speakers to farm equipment, Bishop Fox is very experienced at finding ways that criminals may try to outsmart the latest smart devices.

To that end, while previous News Insights videos have focused on deciphering public breach and vulnerability events, this episode gives us an opportunity to showcase research from the Fox Den itself, and it’s a hot one.

Bishop Fox Security Consultant Nick Cerne discovered a vulnerability in Traeger Grills' embedded Wi-Fi Controller and worked with the company to disclose it. The controller lets users connect to and control their grills remotely with a mobile device to manage cooking cycles. The vulnerability would allow someone else to remotely access the grill and, either from its standby state or during cooking, adjust the temperature and issue other grill commands. This could include pushing the grill to its maximum temperature, risking fire hazards if not simply a ruined meal.

We asked Nick what drew him to the research, what process he followed, why people should care, and what they should do about this or any connected product they buy. We also asked him to explain it as if he were talking to someone at a cookout...



About the author, Nick Cerne

Security Consultant III

Nicholas Cerne is a Security Consultant III at Bishop Fox, specializing in application penetration testing, hybrid application assessments, and cloud environment testing. He also enjoys conducting IoT security research as a hobby. Nicholas holds the Offensive Security Certified Professional (OSCP), Offensive Security Web Expert (OSWE), and Security+ certifications.

He graduated with a B.S. in Cybersecurity from Virginia Tech, where he formerly served as president of the university's Cybersecurity Club.
