alt Hacker NewsThanks for sharing this. It’s a bit concerning that a consumer soundbar can receive unauthenticated firmware over BLE and then act like a BadUSB-style HID on the host. I’m not sure I agree with the vendor’s "no cybersecurity risk" assessment, considering how much access a trusted keyboard interface typically has.
If you can "just type stuff", it is absolutely trivial to download absolutely any payload you want as long as you have network access and your antivirus doesn't stop it.