Chengsong Diao, Danielle Dang, Sierra Lira, Angela Tsai, Miro Haller, and Nadia Heninger, UC San Diego
Smart locks are an increasingly popular and critical component of smart homes due to their convenience and efficiency compared to traditional locks. In this paper, we conduct an in-depth analysis of one smart lock product, the Master Lock Deadbolt D1000.
We reverse engineer the Master Lock Vault Enterprise Android app, analyze their proprietary communication protocols, and discover several vulnerabilities:
- Replay attacks can allow unauthenticated unlocking;
- Former guests can continue unlocking the lock after their access should have expired;
- Malicious users can arbitrarily extend temporary access and lock other users out;
- Attackers can forge audit events and prevent authentic events from being uploaded to the telemetry servers;
- Malformed Bluetooth Low Energy (BLE) messages can result in a Denial of Service (DoS) as well as memory leaks and corruptions.

author = {Chengsong Diao and Danielle Dang and Sierra Lira and Angela Tsai and Miro Haller and Nadia Heninger},
title = {No Key, No Problem: Vulnerabilities in Master Lock Smart Locks},
booktitle = {19th USENIX WOOT Conference on Offensive Technologies (WOOT 25)},
year = {2025},
isbn = {978-1-939133-50-2},
address = {Seattle, WA},
pages = {69--85},
url = {https://www.usenix.org/conference/woot25/presentation/diao},
publisher = {USENIX Association},
month = aug
}
