Security
Headlines
HeadlinesLatestCVEs

Headline

ECOA Building Automation System Hidden Backdoor Accounts and backdoor() Function

The BAS controller has hidden backdoors in several binaries that serve the web application. Any unauthenticated attacker can download all the resources and binaries/services that serve the controller and search for the 'backdoor()' function in httpser.elf as well as discover hidden credentials for backdoor access with full functionality of the Smart Home, Access Control and Building Automation System solutions.

Zero Science Lab

Zero Science Lab: Latest News

ABB Cylon Aspect 3.08.00 (log(Mix/Yum)Lookup.php) Off-by-One Error in Log Parsing