Roughly one year ago, Gjoko Krstic, a researcher at industrial cybersecurity firm Applied Risk, started analyzing building management (BMS), building automation (BAS) and access control products from Nortek, Prima Systems, Optergy, and Computrols. The products include Computrols CBAS-Web, Optergy Proton/Enterprise, Prima FlexAir, and two Nortek Linear eMerge products.
Krstic has identified a total of over 100 security holes in these systems to which nearly 50 CVE identifiers have been assigned; some of the issues are variations of the same flaw.
The vulnerabilities include default and hardcoded credentials, command injection, cross-site scripting (XSS), path traversal, unrestricted file upload, privilege escalation, authorization bypass, clear-text storage of passwords, cross-site request forgery (CSRF), arbitrary code execution, authentication bypass, information disclosure, open redirect, user enumeration, and backdoors.