Vulnerability Lets Hackers Control Building Locks, Electricity, Elevators and More
WIRED, By: Kim Zetter
A critical vulnerability discovered in an industrial control system
used widely by the military, hospitals and others would allow attackers
to remotely control electronic door locks, lighting systems, elevators,
electricity and boiler systems, video surveillance cameras, alarms and
other critical building facilities, say two security researchers.
The vulnerability in the Tridium Niagara AX Framework allows an
attacker to remotely access the system’s config.bog file, which holds
all of the system’s configuration data, including usernames and
passwords to log in to operator work stations and control the systems
that are managed by them.
Billy Rios and Terry McCorkle, noted security researchers with
Cylance, who have found numerous vulnerabilities in the Tridium system
and other industrial control systems in the last two years, demonstrated
a zero-day attack on the system at the Kaspersky Security Analyst
Summmit on Tuesday. The attack exploits a remote, pre-authenticated
vulnerability that, combined with a privilege-escalation bug, gave them
root on the system’s platform, which underlies the devices.