Vulnerabilities · HIGH

Automated Logic WebCTRL Premium Server - Critical Vulnerabilities Found

CISA Advisories · Reporting by CISA
Summary by CyberPings Editorial · AI-assisted · Reviewed by Rohit Rana

Basically, there are serious security holes in software that controls buildings.

Quick Summary

Automated Logic's WebCTRL Premium Server has critical vulnerabilities that could expose sensitive data. Users are urged to upgrade to secure versions to protect their systems. Don't wait until it's too late!

The Flaw

Automated Logic's WebCTRL Premium Server has been found to have several critical vulnerabilities that could be exploited by attackers. These flaws include multiple binds to the same port, authentication bypass by spoofing, and cleartext transmission of sensitive information. If exploited, these vulnerabilities could allow unauthorized users to read, intercept, or modify communications within the system.

The vulnerabilities are particularly alarming as they affect versions of the WebCTRL Premium Server prior to v8.5. Attackers could manipulate the server without needing to inject malicious code, making it easier for them to gain access. The CVSS scores for these vulnerabilities range from 7.5 to 9.1, indicating a high severity level.

What's at Risk

The risks associated with these vulnerabilities are significant. Automated Logic's WebCTRL system is widely used in commercial facilities for building automation and control. An attacker could potentially disrupt operations, gain unauthorized access to sensitive data, or even control building systems remotely. This could lead to serious safety and operational issues.

The vulnerabilities particularly affect the BACnet protocol used for communication, which lacks network layer authentication. This means that attackers with network access could easily spoof legitimate BACnet packets, further compromising the integrity of the system. The potential for data interception and manipulation poses a serious threat to organizations relying on this technology.

Patch Status

Automated Logic has acknowledged these vulnerabilities and recommends that users upgrade to the latest version of the WebCTRL server application, which includes support for the more secure BACnet Secure Connect (BACnet/SC). This upgrade introduces TLS encryption and mutual authentication, significantly enhancing the security of communications.

For those using versions prior to v8.5, Automated Logic notes that WebCTRL 7 has reached its end of life and is no longer supported. Users are strongly encouraged to follow secure configuration guidance and adopt best practices for network segmentation and access control to mitigate risks while they transition to supported versions.

Immediate Actions

Organizations using the Automated Logic WebCTRL Premium Server should take immediate action to protect their systems. This includes:

  • Upgrading to the latest supported version of WebCTRL.
  • Implementing BACnet Secure Connect to secure communications.
  • Following best practices for network segmentation and access control as outlined by Automated Logic.

Additionally, organizations should conduct a thorough risk assessment to understand the potential impact of these vulnerabilities on their operations. Regularly monitoring for suspicious activity and maintaining updated security protocols will help safeguard against potential exploitation of these vulnerabilities.
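As an added illustration of why the missing network-layer authentication matters for the monitoring advised above (editorial example code, not from the CISA advisory or from Automated Logic): a small Python parser for BACnet/IP datagrams that flags WriteProperty requests arriving from hosts outside a trusted management list, since without BACnet/SC nothing in the packet proves who sent it. The BVLC/NPDU/APDU byte layouts are the standard BACnet/IP encodings; the sample datagrams and IP addresses are constructed.

```python
import struct
from typing import Iterable, List, Optional, Set, Tuple

# Standard BACnet/IP encodings (values from the BACnet spec, not from the advisory).
BVLC_BACNET_IP = 0x81
NPDU_FUNCS = {0x04: "Forwarded-NPDU", 0x0A: "Original-Unicast-NPDU", 0x0B: "Original-Broadcast-NPDU"}
CONFIRMED = {0x0C: "ReadProperty", 0x0F: "WriteProperty", 0x10: "WritePropertyMultiple"}
UNCONFIRMED = {0x00: "I-Am", 0x08: "Who-Is"}

def parse_bacnet_ip(payload: bytes) -> Optional[Tuple[str, str]]:
    """Return (BVLC function, service name) for one UDP payload, or None if it is not BACnet/IP."""
    if (len(payload) < 6 or payload[0] != BVLC_BACNET_IP or payload[1] not in NPDU_FUNCS
            or struct.unpack(">H", payload[2:4])[0] != len(payload)):  # BVLC length = datagram
        return None
    func = NPDU_FUNCS[payload[1]]
    npdu = 4 + (6 if payload[1] == 0x04 else 0)  # Forwarded-NPDU inserts a 6-byte B/IP address
    if payload[npdu] != 0x01:                     # NPDU protocol version is always 1
        return None
    control, pos = payload[npdu + 1], npdu + 2
    if control & 0x20:                            # DNET(2) DLEN(1) DADR(DLEN)
        pos += 3 + payload[pos + 2]
    if control & 0x08:                            # SNET(2) SLEN(1) SADR(SLEN)
        pos += 3 + payload[pos + 2]
    if control & 0x20:                            # hop count follows only when DNET is present
        pos += 1
    if control & 0x80:                            # network-layer message: no APDU
        return func, "network-layer-message"
    apdu_type = payload[pos] >> 4
    if apdu_type == 0:   # Confirmed-Request: type/flags, max-resp, invoke-id, service choice
        return func, CONFIRMED.get(payload[pos + 3], f"confirmed-{payload[pos + 3]}")
    if apdu_type == 1:   # Unconfirmed-Request: type, service choice
        return func, UNCONFIRMED.get(payload[pos + 1], f"unconfirmed-{payload[pos + 1]}")
    return func, f"apdu-type-{apdu_type}"

def audit_writes(datagrams: Iterable[Tuple[str, bytes]], trusted: Set[str]) -> List[Tuple[str, str]]:
    """Flag write requests from any source not on the trusted list (the source IP is all we can check)."""
    alerts = []
    for src, payload in datagrams:
        try:
            parsed = parse_bacnet_ip(payload)
        except IndexError:                        # truncated or malformed datagram: skip it
            continue
        if parsed and parsed[1].startswith("Write") and src not in trusted:
            alerts.append((src, parsed[1]))
    return alerts

# Constructed sample datagrams: Who-Is broadcast, ReadProperty and WriteProperty of a present-value
WHO_IS = bytes.fromhex("810b000c0120ffff00ff1008")
READ_PV = bytes.fromhex("810a001101040005020c0c008000011955")
WRITE_PV = bytes.fromhex("810a001a01040005010f0c0080000119553e44422800003f4908")
```

Run `audit_writes` over (source IP, UDP payload) pairs captured on the automation VLAN; any hit is a cleartext, unauthenticated write that BACnet/SC would otherwise have blocked or tied to a client certificate.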

🔒 Pro insight: The lack of network layer authentication in BACnet could lead to widespread exploitation if organizations fail to upgrade their systems promptly.

