
Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company SonicWall.
The attacks are targeting Linear eMerge E3, a product of Nortek Security & Control (NSC).
Linear eMerge E3 devices [1, 2, 3] fall in the hardware category of "access control systems." They are installed in corporate headquarters, factories, or industrial parks. Their primary purpose is to control which doors and rooms employees and visitors can access based on their credentials (access codes) or smart cards.
In May 2019, researchers from Applied Risk, a cyber-security firm specializing in industrial security services, disclosed details[1] about ten vulnerabilities impacting NSC Linear eMerge E3 devices.
Despite the fact that six of the ten vulnerabilities had a vulnerability severity (CVSSv3) score of 9.8 or 10 out of a maximum of 10, NSC failed to provide patches, according to an Applied Risk security advisory.
Applied Risk later released proof-of-concept exploit code[2] in November.
CVE-2019-7256 exploitation
Now, in a report published last week, SonicWall researchers say that hackers are scanning the internet for exposed NSC Linear eMerge E3 devices and exploiting one of the ten vulnerabilities.
The vulnerability they are using is CVE-2019-7256[3]. Applied Risk described this vulnerability as a command injection flaw. It is one of the two that received a severity score of 10/10, meaning it can be exploited remotely, even by low-skilled attackers without any advanced technical knowledge.
"This issue is triggered due to insufficient sanitizing of user-supplied inputs to a PHP function allowing arbitrary command execution with root privileges," SonicWall said in a security alert published last week[4]. "A remote unauthenticated