CVE-2023-42143 is a medium-severity vulnerability affecting Shelly TRV smart thermostatic radiator valves, specifically version 20220811-152343/v2.1.8@5afc928c. The core issue is a missing integrity check during the firmware update process. This flaw allows an attacker with network access and limited privileges (PR:L) to redirect the device to an attacker-controlled server that hosts a manipulated firmware image. Because the device does not verify the integrity of the firmware before applying it, the malicious firmware is installed, effectively creating a backdoor on the device. This backdoor could be used for persistent unauthorized access or further attacks within the network. The vulnerability is exploitable remotely over the network (AV:N) with low attack complexity (AC:L), but requires some user interaction (UI:R), such as triggering the update process or redirecting the device’s update request. The scope is changed (S:C), meaning the vulnerability affects resources beyond the initially vulnerable component. The impact includes limited confidentiality and integrity loss (C:L/I:L) but no impact on availability (A:N). No known exploits have been reported in the wild to date, and no official patches or vendor advisories are currently linked. The vulnerability is categorized under CWE-354 (Improper Integrity Check).

For European organizations, the impact of this vulnerability can be significant, especially for those deploying Shelly TRV devices in smart building environments, offices, or residential complexes. Compromised devices could serve as footholds for attackers to infiltrate internal networks, potentially leading to lateral movement and data exfiltration. The backdoor created by manipulated firmware could enable persistent access, undermining network integrity and confidentiality. Although the direct impact on availability is low, the presence of unauthorized firmware could disrupt normal device operation or cause privacy violations. Organizations relying on smart building automation and IoT devices without robust network segmentation or monitoring are particularly at risk. The vulnerability also raises compliance concerns under GDPR if personal or sensitive data is indirectly exposed through compromised devices. Given the increasing adoption of IoT in European smart cities and enterprises, this vulnerability could be exploited to target critical infrastructure or high-value commercial environments.

1. Network Segmentation: Isolate Shelly TRV devices on dedicated VLANs or network segments with strict access controls to limit exposure to untrusted networks or users. 2. Firmware Update Verification: Until an official patch is released, implement network-level controls such as firewall rules or DNS filtering to prevent devices from reaching unauthorized update servers. 3. Monitor Network Traffic: Deploy anomaly detection to identify unusual DNS queries or connections from Shelly TRVs to unknown IP addresses, which may indicate redirection attempts. 4. Access Control Hardening: Restrict administrative access to the devices and ensure strong authentication mechanisms are in place to prevent unauthorized configuration changes. 5. Vendor Engagement: Engage with Shelly or the device vendor to obtain official patches or firmware updates that include integrity verification. 6. Incident Response Preparedness: Develop procedures to quickly isolate and remediate affected devices if compromise is suspected. 7. User Awareness: Educate facility managers and IT staff about the risks of unauthorized firmware updates and the importance of verifying update sources.