A pair of bugs in the Snap-owned tracking app reveal phone numbers and allow account hijacking.
Peloton Bike+ Bug Gives Hackers Complete Control
-
An attacker with initial physical access (say, at a gym) could gain root entry to the interactive tablet, making for a bevy of remote attack scenarios.
https://threatpost.com/peloton-bike-bug-hackers-control/166960/
DISCLAIMER: Please note, that this article is not the work of (or owned by) Hostrisk.com. Attribution and copyright of this article is retained in full by the original author referred to in the Source link above
-
@cerberus wow. Not even a simple validation of a checksum at boot ? Come on Peloton. This is a pretty poor oversight and security 101.