1. Weak Guessable, or Hardcoded Passwords
  2. Insecure Network Services
  3. Insecure Ecosystem Interfaces
  4. Lack of Secure Update Mechanism
  5. Use of Insecure or Outdated Components
  6. Insufficient Privacy Protection
  7. Insecure Data Transfer and Storage
  8. Lack of Device Management
  9. Insecure Default Settings
  10. Lack of Physical Hardening

https://owasp.org/www-pdf-archive/OWASP-IoT-Top-10-2018-final.pdf

Categorized in: