Experts from Trend Micro have discovered a serious flaw in HID door controllers developed by the HID access control systems manufacturer that could be remotely exploited by hackers to open the doors. The vulnerability was discovered by Trend Micro expert Ricky HeadlessZeke Lawshae. The experts discovered that the models of door controllers VertX and Edge are affected by a design flaw in their management protocol. Remote administrators can instruct a specific controller to blink by sending a command_blink_on command with the doors ID. The attacker can exploit The system() call to instruct the door controllers to execute a generic command with one single UDP packet.”]
Source: https://securityaffairs.co/wordpress/45875/hacking/hid-door-controllers.html