Skip to main content

Black Listed News
Trending Articles:
Trending Articles:

New Vulnerability Found in Internet-Connected Building Automation Devices

Published: August 14, 2019
Share | Print This


Critical internet-connected smart building devices used in countless commercial and industrial properties, have been found to be vulnerable to a new malicious attack. The vulnerability exploits the properties in the building automation protocol (Bacnet) which enables technicians and engineers performing monitoring, setup changes and remote control of a wide range of key smart systems that impact temperature control, and other monitoring systems.

Critical internet-connected smart building devices used in countless commercial and industrial properties, have been found to be vulnerable to a new malicious attack, according to cybersecurity researcher Bertin Bervis.

The vulnerability exploits the properties in the building automation protocol (Bacnet) which enables technicians and engineers performing monitoring, setup changes and remote control of a wide range of key smart systems that impact temperature control, and other monitoring systems. Bervis analyzed several building automation devices with built-in web applications for remote monitoring and control. They were disclosed to manufacturers who didn’t respond.

The research “Mixing industrial protocols with web application flaws in order to exploit devices connected to the internet. was presented at the DEF CON IoT Village at the  Flamingo Hotel.  DEF CON IoT Village is organized by security consulting and research firm Independent Security Evaluators.

The attacker is able to maliciously modify the system’s web application code by injecting javascript code in the Bacnet device, abusing the read/write properties from the Bacnet protocol itself.  The code is stored in the Bacnet database helping the attacker to achieve persistence on browser devices that are used in building environments or industrial facilities that connect via BACnet.

The web applications allow malicious code modification in specific elements taken directly from the protocol level user interaction and protocol level database information changes, which means any data change performed directly from protocol interaction can modify pieces of code in the whole web application in a persistent way.

“Remote attackers can jump from that point to another using this technique to steal sensitive information from technicians or engineers who interacts directly with the infected devices,” Bervis says. “It opens a new door for remote attacks without touching or interacting with the web application in those devices. The attacker only needs an insecure building automation protocol to modify the data.”

Read More...

Share This Article...



Image result for patreon

Emigrate While You Still Can!

Loading...


Image result for patreon


PLEASE DISABLE AD BLOCKER TO VIEW DISQUS COMMENTS

Ad Blocking software disables some of the functionality of our website, including our comments section for some browsers.





Login with patreon to gain access to perks!

SIGN UP TO GET BLACKLISTED NEWS DELIVERED RIGHT TO YOUR INBOX

Enter your email address:




More Blacklisted News...

Blacklisted Radio
Blacklisted Nation
On Patreon
On Gab
On Twitter
On Reddit
On Facebook
Blacklisted Radio:
Republic Broadcasting
Podcasts on Youtube
Podcasts on Demand
On Iheart Radio
On Spreaker
On Stitcher
On iTunes
On Tunein

Our IP Address:
198.245.55.242

Sponsors:
Garden office

good
longboard
brands


Advertise Here...






BlackListed News 2006-2019
Privacy Policy
Terms of Service