In a "security advisory" issued last week, Trustwave warned Inax's Satis automatic toilet - a so-called "smart" toilet - could be commandeered by hackers using the inbuilt Bluetooth connection.

One of the Satis' selling points is that its advanced functions, including an automatic lid and remote-control bidet and flushing functions, can be controlled via the "My Satis" Android application.

The problem, according to Trustwave, is that the Bluetooth PIN to pair with the toilet - "0000" - is hard-coded into the app. "As such, any person using the 'My Satis' application can control any Satis toilet."

"An attacker could simply download the 'My Satis' application and use it to cause the toilet to repeatedly flush, raising the water usage and therefore utility cost to its owner," the report says.

Attackers could also use the hack to open and close the lid, or to activate the bidet or air dry functions, "causing discomfort or distress to user."

There are no known fixes for the issue, according to Trustwave.