Security researcher Gjoko Krstic from Applied Risk discovered over 100 vulnerabilities in management and access control systems from four major vendors.
An attacker can exploit the vulnerabilities to gain full control of the vulnerable products and access to the devices connected to them.
Krstic conducted a year-long study on building management (BMS), building automation (BAS) and access control products from Nortek, Prima Systems, Optergy, and Computrols. The experts analyzed several products, including Computrols CBAS-Web, Optergy Proton/Enterprise, Prima FlexAir, and two Nortek Linear eMerge products.