Get a Pentest and security assessment of your IT network.

Cyber Security

HVACking: Remotely Exploiting Bugs in Building Control Systems

Security researchers have found a zero-day vulnerability in a popular building controller used for managing various systems, including HVAC (heating, ventilation, and air conditioning), alarms, or pressure level in controlled environments. The vulnerability is now tracked as CVE-2019-9569 and is a buffer overflow that leads to remote code execution when properly exploited. More than 1,600 devices were discovered using the Shodan search engine, showing that an attacker could do damage from miles away. The security company recommends extending the security practices to all network devices: shielding them with a firewall, checking the traffic for abnormal activity.

Source: https://www.bleepingcomputer.com/news/security/hvacking-remotely-exploiting-bugs-in-building-control-systems/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation