Report a Confirmed or Potential Breach? Call  +1 770-870-6343
0 Results Found
            Back To Results
              Login
              Advisories

              Incorrect Access Control in AMAG Technologies Symmetry Edge Network Door Controllers

              Secureworks Security Advisory 2017-001

              Advisory Information

              • CVE: CVE-2017-16241
              • Severity: High
              • CVSS v3: 9.3
              • Discovered by: Mike Kelly and John Mocuta of Secureworks

              Summary

              Incorrect access control in AMAG Technology Symmetry Door Edge Network Controllers enables remote attackers to execute door controller commands (e.g., lock, unlock, add ID card value) by sending unauthenticated requests to affected devices via serial communication over TCP/IP. By monitoring TCP network traffic between the legitimate AMAG Symmetry SMS physical access control server and the EN-1DBC and EN-2DBC networked door controllers, Secureworks researchers were able to reverse engineer the basic data structure of the network communication.


              Download the PDF: Secureworks Security Advisory 2017-001

              PGP Signature

              Related Content