The Register® — Biting the hand that feeds IT


Cisco bugs surrender control of building's critical systems

Security, HVAC, power systems ripe for plucking


Cisco Systems has warned of serious vulnerabilities in a device that connects a building's ventilation, lighting, security, and energy supply systems so they can be controlled by IT workers remotely.

The networking giant on Wednesday urged users of the Cisco Network Building Mediator products to patch the vulnerabilities, which among other things allow adversaries to obtain administrative passwords. No authentication is required to read the system configuration files, making it possible for outsiders to take control of a building's most critical control systems.

"Successful exploitation of any of these vulnerabilities could result in a malicious user taking complete control over an affected device," a Cisco advisory stated. The notice also warned that the vulnerabilities are present in the legacy products from Richards-Zeta, the Cisco-acquired company that originally designed the system. The bugs were discovered during internal testing.

Another flaw makes it possible for low-level employees to gain full control of the device by accessing default administrative accounts. Other bugs allow malicious insiders to intercept traffic as it travels between an administrator and the Building Mediator and to escalate limited privileges.

The device - which gathers a wealth of data in different formats and presents it in a single, easy-to-read panel - is part of Cisco's push to help customers use IT to automate and remotely control tasks that used to require manual procedures. That can save building operators plenty of money, but it also presents new threats, especially since the product is designed to seamlessly interact with larger power grids.

The advisory offers several workarounds and common-sense configuration settings, but it warns customers to proceed with care, since certain access ports and protocols are needed to ensure that the system runs correctly. ®


Anonymous Coward

Open...

"Open the pod bay doors, Hal."

"I'm sorry, Dave. I'm afraid I can't do that."

"sudo Open the pod bay doors, Hal."


Eggs

Basket


I can picture the scene ...

Pointy-haired Boss #1: Why don't we make the controls for our HVAC systems available over the Internet, then we can manage them remotely and save some money.

PHB #2: Great idea! After all, what could possibly go wrong ...

