Vulnerabilities in elevator control system disclosed
Multinational elevator and escalator manufacturer KONE has revealed that it's control system was found to contain serious vulnerabilities. On September fifth, the company disclosed a series of vulnerabilities in it's KONE Group Controller (KGC) software.
The KGC is a controller device that manages a group of elevators in a building. The device is installed into the machine room hosting the rest of the control and operation of elevators. The KGCs purpose is to optimise the use of elevators, by controlling the traffic of elevators.
The company stated four individual vulnerabilities were found and disclosed:
- CVE-2018-15484: Unauthenticated Remote Code Execution
- CVE-2018-15486: Unauthenticated Local File Inclusion / Unauthenticated Local File modification
- CVE-2018-15485: FTP without authentication and authorization
- CVE-2018-15483: Denial of Service
The KGC is in auxiliary tool which is not an essential component in elevator controls, and thus the vulnerabilities have no direct control over elevators connected to a compromised device. However, KONE states that if a vulnerable device is exploited, malicious parties could:
- Deny access to elevators, by parking them between floors
- Provide access to locked floors or deny access to specific floors
The company has completed a safety risk assessment of the vulnerability based on elevator safety standards.
More details in the disclosure: Vulnerabilities in KONE Group Controller (KGC)
Tweet