In total, eight zero-day vulnerabilities have been found in Carrier's industrial control systems (ICS) which, if exploited, give attackers full control of the system, including "the ability for an attacker to remotely manipulate door locks."
Vulnerability researchers at XDR firm Trellix Threat Labs have discovered eight zero-day vulnerabilities in the commonly used industrial control systems provided by HVAC giant Carrier.
The researchers say that these vulnerabilities affect access control products built on HID Mercury controllers and can allow attackers to unlock doors remotely. The 0-days are tracked as:
For your information, Trellix was formed in 2022 through the merger of FireEye and McAfee Enterprise.
Details of the Flaws
Of the eight 0-days, seven have been rated high or critical severity, most with a CVSS score of 7.5. The flaws reportedly affect the LenelS2 Mercury access control panel, which controls entry to facilities and integrates with complex building automation deployments.
LenelS2 is a subsidiary of Carrier and offers physical security solutions. Trellix researchers noted that every OEM partner shipping the affected hardware controllers is impacted by these flaws, not only Carrier.
Our research was performed on Carrier’s LenelS2 access control panels, manufactured by