A vulnerability in Aiphone’s security communication devices has been disclosed by Promon. The vulnerability can be exploited through the Near-field Communication tag.
In June of 2021, Promon discovered a new bug. Aiphone manufactured multiple door access control devices before December 7, 2011.
Thieves have to be in physical proximity to the vulnerable device in order to hack it. Aiphone devices GT-DMB-N, GT-DMB-LVN, and GT-DB-VN can be exploited by mobile devices.
The device has no checks to deter unlimited access attempts so an attacker could check every four-digit permutation within minutes.
The allowing of unlimited tries to guess the access code is a common bug in multifactor authentication and other advanced systems like Aiphone. It’s odd.
You will almost never find a password logon that doesn’t lock someone out when they try to guess their password, but somehow vendor after vendor just doesn’t seem to get that.
Several notable people from the computer and tech industry have forgotten to implement basic security measures such as limiters in their products.
This is a significant deal. This is just the problem we know about and not to pile on.
It is the one that made the news. There are hundreds to thousands of other solutions with the same problem and it is easy to hack them. Piling on only Aiphone is not the right response. They’re just the one you know about.
The attacker must have a custom app that can act as an administrative interface to brute force their way into blowing open the device.
When the right person isguessed by the app, the attacker can inject the serial number of a new tag to reveal the device’s password. The attacker can gain access to the access control system by punching in the revealed code or using the Near Field Communication tag.
Chris told Spiceworks that he was the VP of architecture solutions.
The vulnerabilities identified here are well-known to anyone with experience targeting physical access control systems, which is surprising.
Chris told Spiceworks that he was the VP of architecture solutions.
These are not cutting-edge hacking techniques, and their routine effectiveness reinforces the need to have any security mechanisms reviewed by people who have been targeting them.
The vulnerable Aiphone devices don’t store access logs, meaning threat actors don’t leave any trace of exploitation
Microsoft patches two not proxy shell and four other zero-day flaws.
They may have underestimated the possibility that an attacker would have access to a cheap and easily reprogrammable device, and that incorrect assumption informed downstream decisions like only using very short access code lengths, no rate limiting code inputs, as well as the absence.
How to mitigate Aiphone door access control system vulnerability?
If you want to increase the time required to crack the code without solving the underlying issue, updating the password to a more than four-digit one is a possible solution.
According to initial reports, the problem can not be fixed with a software or firmware upgrade. A software update can be deployed to fix issues when they are found. It might take a complete replacement of the hardware for that to happen.
He goes on to say that there are gaps in secure code development because there is no training. When companies don’t adhere to the secure code development standards, the problem becomes more pronounced.
All over the world, we end up with problems like this.
It makes the news when it is discovered, we blame the vendor, and then move on and not question why we have a world full of hacking and malware and don’t require that all developers get basic training in how to code securely.
The problem isn’t necessarily that designers and builders aren’t good, but that they don’t anticipate a particular threat Failure to understand common threat models combined with not bringing in input and review from experts that do is a form of incompetence that software and hardware manufacturers need to own up to.
Customers need to contact Aiphone for more information about securing vulnerable devices.
Aiphone provides door access control and security systems to a wide range of facilities. The White House and the U.K. Parliament use Aiphone’s products, according to the brochure.
There is a problem and the awes of surprise from readers of this particular report of another victim product will not change anything. We need real change.