OWASP IoT Top 10 2014
I1 Insecure Web Interface | I3 Insecure Ecosystem Interfaces |
I2 Insufficient Authentication/Authorization | I1 Weak, Guessable, or Hardcoded Passwords I3 Insecure Ecosystem Interfaces I9 Insecure Default Settings |
I3 Insecure Network Services | I2 Insecure Network Services |
I4 Lack of Transport Encryption/Integrity Verification | I7 Insecure Data Transfer and Storage |
I5 Privacy Concerns | I6 Insufficient Privacy Protection |
I6 Insecure Cloud Interface | I3 Insecure Ecosystem Interfaces |
I7 Insecure Mobile Interface | I3 Insecure Ecosystem Interfaces |
I8 Insufficient Security Configurability | I9 Insecure Default Settings |
I9 Insecure Software/Firmware | I4 Lack of Secure Update Mechanism I5 Use of Insecure or Outdated Components |
I10 Poor Physical Security | I10 Lack of Physical Hardening |
Last updated