If you’re thinking of firing up your grill for a 4th of July BBQ today, I’ve got bad news for you. A new high-severity vulnerability in some of the best grills from Traeger can be exploited by hackers to completely ruin your cookout.
As reported by The Register, a security consultant at Bishop Fox recently discovered two security flaws along with some other issues in several Traeger smart grills and detailed their findings in a blog post. The grills in question have a Traeger Grill D2 Wi-Fi Controller module that allows them to be controlled using a mobile app.
Of these vulnerabilities, one has a high severity score of 7.1, while the other is less severe, with a score of 4.3. Still, if exploited by an attacker, these flaws can be used to change temperature controls or shut down a grill before a cook is finished.
The first flaw is an insufficient authorization control issue that can be used to capture network traffic while someone is pairing their grill with Traeger’s app. For this vulnerability to be exploited, an attacker must know the unique 48-bit identifier of the grill they’re targeting. However, this identifier can also be obtained by scanning a QR code located inside the grill’s pellet hopper.
Either way, an attacker must be relatively close to a vulnerable Traeger grill to pull this off. If you haven’t upset anyone with a background in cybersecurity or hacking, you and your 4th of July cookout should be safe. Still, you will want to update your Traeger grill sooner rather than later to avoid falling victim to such an attack.
How to update your Traeger grill
After Bishop Fox security consultant Nick Cerne discovered these flaws and reported them to Traeger, the company updated the firmware of its grills to patch both vulnerabilities. However, there are a few steps you’ll need to take to apply these updates to your Traeger grill.
Instead of needing to be updated manually, the company’s grills update on their own whenever new software is available. For this process to work, though, your grill must be plugged in with the power button in the ON position while connected to Wi-Fi. Your Traeger grill will attempt to update automatically four times. If it fails during this process, the grill will not try again until the next update is available.
If you need extra help updating your Traeger grill, this support page has everything you need to know about the update process.
Smart devices may be convenient, but they can also put you at risk if you don’t install the latest updates when they become available. This is why you should periodically check to see if any new updates have been released. In this case though, that means leaving your Traeger grill on in standby mode and connected to Wi-Fi at least once a month.
