Our LoRaWAN security series has so far outlined multiple security flaws, vulnerability issues, and entry vectors that attackers have been known to use. In this fourth part of the series, we talk about an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. Although it is not a typical target, it is a critical one — the stack is the root of LoRaWAN implementation and security.
In both this report and our technical brief, we show specific techniques that can be used to find security flaws and bugs within the LoRaWAN stack. Attackers can use these methods to find and exploit devices, and we hope to highlight them to help stack developers or security consultants secure the stack and make LoRaWAN communication resistant to critical bugs.
Source: Trend Micro