A team of researchers discovered six zero-day vulnerabilities in protocols and individual components used in smart buildings. The flaws could be used to steal sensitive information, access or delete critical files, or perform malicious actions. They were found in building automation devices such as programmable logic controllers (PLCs) and gateway protocols. Researchers found that out of a total of 22,902 publicly reachable devices (IP cameras excluded), 9,103 were affected by the zero-days they uncovered. The vulnerabilities were disclosed responsibly to the vendors of the affected products and patches are now available.
Source: https://www.bleepingcomputer.com/news/security/zero-day-vulnerabilities-leave-smart-buildings-open-to-cyber-attacks/