Cybercriminals hack physical access systems – used for DDoS attacks
Cybercriminals have started hacking, physical connected access systems and systems for smart buildings. But instead of exploiting the vulnerabilities to get into the buildings, the units are used for DDoS attacks.
Firewall provider SonicWall has intercepted traffic showing that cybercriminals are attacking and hacking access systems and connected systems for smart buildings and offices from the provider Nortek Security & Control (NSC).
The cybercriminals thus exploit ten vulnerabilities in the Linear eMerge E3 model, which was discovered in May 2019 by IT security company Applied Risk. This is reported by ZDNet .
Although the vulnerabilities are very serious, the CVSS score is between 9.8 and 10 out of 10 for six of the models, so far, NSC has not produced updates. Applied Risk, for its part, had provided a proof-of-concept in November 2019.
The vulnerability that is easy to exploit
Of the ten vulnerabilities in Linear eMerge E3, the criminal hackers have targeted CVE-2019-7256 with a CVSS score of 10.
This vulnerability allows attackers to execute arbitrary code at the administrator level remotely. Furthermore, vulnerability is easy to exploit even for those with lower skills.
The hackers so far do not seem to be targeting the buildings or organizations where the access systems are installed but are using the hacked systems as a starting point for DDoS attacks.