July 3, 2024 at 12:31PM
The Traeger Grill D2 Wi-Fi Controller had high-severity vulnerabilities, allowing remote attackers to control the grill, potentially ruining meals. Attackers could exploit weaknesses in the grill registration API and use a POST request to list registered grills. Traeger has already fixed these bugs with firmware upgrades and disabling the vulnerable functions. BBQ season is safe again.
The meeting notes outline the discovery of vulnerabilities in certain Traeger grills, specifically those equipped with the Traeger Grill D2 Wi-Fi Controller. These weaknesses could potentially allow remote attackers to control the grills, affecting temperature settings and even causing food to burn.
The main high-severity vulnerability had a severity score of 7.1 and was related to the grill registration API. It could allow attackers to remotely interfere with the grilling process. However, the manufacturer, Traeger, has already addressed these issues by releasing firmware upgrades and disabling the vulnerable functions.
Therefore, Traeger owners need not worry, as the vulnerabilities have been fixed and the upgrades will be applied automatically.