Hidden and Lost Control: on Security Design Risks in IoT User-Facing Matter Controller

Haoqiang Wang, Yiwei Fang

Network and Distributed System Security (NDSS) Symposium 2025 · Day 1 · IoT Security

The proliferation of Internet of Things (IoT) devices has led to a fragmented and complex ecosystem, with numerous vendors, proprietary protocols, and disparate companion applications. To address this challenge, the Connectivity Standards Alliance (CSA) introduced **Matter**, an open-source, universal application-layer connectivity standard designed to unify the IoT landscape. Since its deployment in late 2022, major IoT players like Google, Apple, and SmartThings have integrated Matter support into their devices, apps, and development frameworks, leading to its rapid adoption worldwide. This talk, presented by Ichin Leo (Yiwei Fang) from Indiana University, delves into the security implications of this integration, specifically focusing on how vendors implement **User-Facing Matter Control Capabilities and Interfaces (UMCCI)** within their mobile applications.

AI review

Solid original research on a real and underexplored attack surface — Matter UMCCI flaws that let malicious guests maintain persistent hidden control over smart home devices even after access should have been revoked. Eight of eleven major vendors affected, including Apple, Google, and SmartThings, with working PoCs on real hardware. The automated detection tooling (UMCCI Checker with LM-assisted UI analysis) shows the researchers went beyond a one-off CVE hunt and built something reusable.
