A security vulnerability has been discovered in the Tiiwee X1 Alarm System, allowing attackers to perform capture-replay attacks due to insecure radio communication. This flaw impacts the alarm systemβs security integrity, potentially enabling unauthorized disarming and arming. #TiiweeX1AlarmSystem #SecuritySystems
Keypoints
- The Tiiwee X1 Alarm System communicates via unencrypted 433 MHz radio signals, making it vulnerable to replay attacks.
- Attackers can capture and replay remote signals to disarm or arm the alarm system without authorization.
- The protocol used (βPrincetonβ) contains an ID that can be manipulated to bypass security measures.
- The vulnerability was disclosed publicly in May 2025 after being reported to the manufacturer in January 2025.
- Using software-defined radio tools like Flipper Zero simplifies the process of executing replay attacks on this system.