Breaking Into a Govee Smart Display: From UART Shell to Device Impersonation

In our latest newsletter, we dive into our recent IoT vulnerability research, taking a Govee Smart Display from a UART shell to full device impersonation. We also highlight our latest internal K-Talks covering gRPC vulnerabilities and RF signal forging, along with a recap of our time connecting with the community at Segurinfo Buenos Aires.

📝 Latest from Our Blog:

Matias Fumega breaks down his research on the Govee H8630 smart display. The process starts with initial UART access and escalates to full device impersonation over MQTT, with cool bugs discovered and reported along the way.

What makes this process especially interesting is how the vulnerabilities chain together to allow full device impersonation. Want to learn how a curiosity exercise turned into a full device impersonation primitive?

🎙️ K-Talks:

In our latest K-Talk session, Felipe Raczkowski Anaya shared his experience with the team on gRPC and Protocol Buffers, covering how client-server communication works, the role of the .proto file in engagements, and common vulnerabilities in gRPC-based microservices.

In the second session, Matias Fumega shared his research on RF signals, walking the team through the full process of capturing, analyzing, and forging radio frequency transmissions operating in the 433 MHz band.

🗓️ Key Industry Events:

RSA Conference

Our CEO Lucas Lavarello attended RSA Conference, the premier gathering of cybersecurity leaders in San Francisco, connecting with clients, peers, and industry voices shaping the future of the field.

Kulkan also sponsored the Cyber Social Club meetup during RSAC week. The event served as a bridge for Argentina’s leading Infosec community, connecting with top international professionals during an exclusive networking night at The Harlequin Bar.

Segurinfo

This month, Kulkan proudly sponsored Segurinfo, a key summit for the Ibero-American cybersecurity community.

Our team gathered in Buenos Aires to share our pentesting and offensive security expertise with industry leaders (and hand out some stickers! 🐉✨), helping regional organizations strengthen their defenses through an attacker-led approach.

Ready to strengthen your security posture?

If you’re planning upcoming penetration testing initiatives, let’s start the conversation and explore how our attacker-led approach can help secure your business and support its growth.