Apple HomePod



The score describes network credential exchange to connect the device to the Internet
Over ZWave, ZigBee, or Bluetooth
The score describes if the device must be configured before use
Forced
The score describes how the device receives updates
Consent Required
The score describes how many services the devices exposes to the network
3-4 services
The score describes how many low risk vulnerabilities
None
The score describes how many medium risk vulnerabilities
None
The score describes how many high risk vulnerabilities
None
The score describes how many critical risk vulnerabilities
None
The score describes how many of sensitive data are in the mobile application (API keys, Secret keys)
None
The score describes how many incorrect use of APIs like incorrect initialization of cryptographic libraries
None
The score describes how many excess permissions are requested but not used
None
The score describes how many first-party domain the device contacts
46 or more
The score describes how many third-party domain the device contacts
1-25
The score describes how many hybrid domain the device contacts
46 or more
The score describes any contacted domains that use a self-signed certificate
Found self-signed certificate
The score describes any contacted domains that have a name mismatch on the certificate
domain and certificate name mismatch
The score describes any contacted domains that offer vulnerable TLS/SSL versions
Vulnerable TLS/SSL versions
The score describes any contacted endpoints that are running old unsupported operating system
None
The score describes any contacted endpoints that disclosue sensitive information about the running services
None
The score describes any contacted endpoints that supports cleartext authentication
None
The score describes any contacted endpoints that have an exploitable vulnerability
None
The score describes a device that does not respect the local DNS settings
Uses local recursive
The score describes a device that uses the HTTP protocol (not secure)
Does not use HTTP
The score describes a device that uses the UPnP protocol (not secure)
Does not use UPnP
The score describes a device that uses the NTPv3 or less protocol
Uses NTPv3 protocol or less
The score describes a device that uses the custom protocol (non-standard)
Uses custom protocol
The score describes a device that is susceptible to Man-in-The-Middle Attack (MITM)
Secure
The score describes a mobile application that is susceptible to Man-in-The-Middle Attack (MITM)
Secure
The score describes a device that is susceptible to Man-in-The-Middle Attack (MITM)
Secure
The score describes a device that lacks encryption with the cloud endpoints
Full
The score describes a mobile application that lacks encryption with the cloud endpoints
Full
The score describes a device that lacks encryption with its mobile application
Full