circle-check
MFC releases update of Didge android app. Get your update on
Google Playarrow-up-right
search
Book a meetingGo to websiteLogin to Didge

Internal Pentest

hashtag
Penetration Testing Report – Dragino LHT65S Sensor

Device Tested: Dragino LHT65S LoRaWAN Temperature & Humidity Sensor

Test Date: 20/10/2024

Tested By: MFC Safe

hashtag
Executive Summary

This report outlines the penetration testing results for the Dragino LHT65S sensor, focusing on physical access, firmware integrity, wireless security, and overall device resilience. The sensor demonstrated a strong security profile for a low-power LoRaWAN device, with no high-risk vulnerabilities identified.

Test Category
Result Summary
Risk Level

Physical Access Ports

UART port exposed without protection

Low

Firmware Security

Flash memory protected, no read access

Low

Wireless Communication

AES-128 encryption validated

Low

Device Authentication

No exposed login interfaces

Low

OTA Updates

Manual update only, no remote override

Low

Known Vulnerabilities

None applicable to LHT65S

Low

Data Integrity & Replay

Retransmission and validation passed

Low

hashtag
Test Details & Findings

hashtag
1. Physical Port Security

  • Finding: UART debug pins are exposed on the board.

  • Impact: Enables potential local manipulation if physical access is gained.

  • Recommendation: Restrction of entry to premisis, epoxy or mask headers in production deployments.

  • Risk: Low

hashtag
2. Firmware Protection

  • Finding: Memory is encrypted and read-protected.

  • Result: Firmware dumping attempts failed.

  • Risk: Low

hashtag
3. LoRaWAN Security

  • Finding: Communication uses LoRaWAN AES-128 encryption.

  • Result: Payloads could not be interpreted without NwkSKey/AppSKey.

  • Risk: Low

hashtag
4. Authentication Exposure

  • Finding: Device does not expose a user-facing login or web portal.

  • Result: No brute-force or bypass attacks applicable.

  • Risk: Low

hashtag
5. OTA Firmware

  • Finding: No over-the-air update mechanism is available.

  • Impact: Firmware must be physically flashed, reducing remote attack surface.

  • Risk: Low

hashtag
6. Known Vulnerabilities

  • Finding: No CVEs found that apply to LHT65S model.

  • Risk: Low

hashtag
7. Data Integrity and Replay Protection

  • Finding: Data transmission follows confirmed uplinks with retries.

  • Result: Transmission retry logic prevents data loss.

  • Risk: Low

hashtag
Recommendations

  • Secure physical access to sensors with tamper-evident enclosures.

  • Mask or epoxy UART ports where unused.

  • Maintain firmware currency via Dragino updates and notices.

hashtag
Conclusion

The Dragino LHT65S sensor passed all critical and major security tests with no exploitable high-risk vulnerabilities. Its physical security could be improved, but wireless communications, firmware protection, and operational design are suitable for deployment in secure environments.

This report is intended for internal compliance and client submission purposes.

PreviousCertificationsNextMulti Point Comparison

Last updated

Was this helpful?