poscaenium
New member
- Joined
- May 7, 2024
- Messages
- 1
Additionally it's extremely difficult to stay on top of all CVEs these days, they get created for absolutely anything under the sun.Best submit a ticket direct to WiiM - this is primarily a user, not support, forum.
I disconnected my mini just because of the uncertainty. I need to figure out if there is a way for me to block the device from the external worldwide web and only use it for my local network. I’m going to start working on that.Your Device is realy nice but PLEASE patch your firmware. Bitdefender founds 422 (!!!) High Risk Issues.
View attachment 7008
I recommend that you publish CVEs that you fix, it's good practice and provides a quick way to point people who have concerns.Hi Team,
We have carefully reviewed the reported security vulnerabilities through router and antivirus software using the CVE database. The alerts were false alarms triggered by outdated version numbers of Linux kernels or third-party libraries. To mitigate these vulnerabilities, we can either update all kernels/libraries or apply patches; we chose the latter approach and raised these alarms. Please note, our firmware and software have undergone rigorous security testing with Amazon and Google, given the integration of built-in Alexa and Chromecast audio features. We have also collaborated with a third-party security team and successfully passed their tests.
Meanwhile, our team will work on resolving these false alarms triggered by version number checks.
I liked your reply. So true, but I'm still worried. Keep thinking all my IoT junk will be acting as a server for some hackers. I fell into the trap of HomeKit and home automation (originally X10 junk) and I'm also a very old electrical engineer trying new stuff (R Pi & Python). Maybe too much news...You want to stay safe? Don’t connect on internet is that simple if you’re paranoid about hacking and security. You will likely get mug walking late at night that you would on internet.