Everon resells products manufactured by other vendors. When we receive notices from those vendors related to their product’s security or operations, we publish summaries and links to those notices here. Below are current product notices Everon has received from its vendors. This list includes only current notices and does not include every notice for every product ever sold by Everon. The presence or absence of any product notice is not a representation by Everon of any vendor’s product’s status or suitability for any particular end use. Each vendor is solely responsible for the content of their notices linked below.
Recent Notices
LenelS2 Security Investigation
Published: November 21, 2024
As an industry leader and trusted security partner, Everon is committed to updating our customers on security best practices. LenelS2 recently communicated about a security incident currently under investigation that involved unauthorized access to their backend support infrastructure related to credential creation and historical LenelS2 business data. This incident does not impact all LenelS2 products, only the NetBox platform.
While the investigation is ongoing, there is no indication that any LenelS2 product or site security has been impacted, or that the NetBox user experience will be affected.
Everon is monitoring LenelS2’s investigation and will provide updates as needed. At Everon, we are dedicated to maintaining the security of your technology infrastructure. Your safety is our top priority.
If you have any further inquiries, please contact your account manager, call 844-538-3766, or get in touch with us here.
Investigation Statement
Axis Security Advisories
Published: November 26, 2024
CVE-2024-6831 & CVE-2024-6749: CVE-2024-6831 (CVSSv3.1: 4.4 Medium) affecting AXIS Camera Station Pro <6.4 and AXIS Camera Station <5.57.33556. It was possible to edit and/or remove views without the necessary permission due to a client-side-only check. CVE-2024-6749 (CVSSv3.1: 6.3 Medium) affecting AXIS Camera Station Pro 6.0 – 6.3 and AXIS Camera Station 5.25 – 5.57.27610. The Incident report feature may expose sensitive credentials on the AXIS Camera Station Windows client. If Incident report is not being used with credentials configured, this flaw does not apply. Axis has released patches for this flaw for both AXIS Camera Station Pro and AXIS Camera Station 5.
CVE-2024-6476: (CVSSv3.1: 4.2 Medium) affecting AXIS Camera Station Pro <6.4 and AXIS Camera Station <5.57.33556. Axis has found that it is possible for a non-admin user to gain system privileges by redirecting a file deletion upon service restart. Axis has released patches for this flaw for both AXIS Camera Station Pro and AXIS Camera Station 5.
CVE-2024-8160: (CVSSv3.1: 3.8 Low) affecting AXIS OS 10.9 - 12.0. The VAPIX API ftptest.cgi did not have sufficient input validation, allowing for a possible command injection that could be used to transfer files from/to the Axis device. This flaw can only be exploited after authenticating with an administrator-privileged service account. Axis has released patches for this flaw on the 12.1 Active Track, LTS 2024 11.11 and LTS 2022 10.12.
CVE-2024-8772: (CVSSv3.1: 4.3 Medium) affecting AXIS OS 9.80 - 12.0. The VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack allowing an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patches for this flaw on the 12.1 Active Track, LTS 2024 11.11, LTS 2022 10.12 and LTS 2020 9.80.
CVE-2024-47257: (CVSSv3.1: 7.5 High) affecting AXIS OS 6.50. Selected Axis devices were vulnerable when handling certain Ethernet frames, which could lead to the Axis device becoming unavailable in the network. Axis has released a patch on the (former LTS) 6.50 track for products that are still under AXIS OS software support.
Please refer to the above-mentioned Axis security advisories for more information and solutions. If you require assistance, please raise a support ticket on the Axis Technical Support Helpdesk, contact your Everon account manager, call 844-538-3766, or contact us here.
Axis Technical Support Helpdesk
Windows TCP/IP Remote Code Execution Vulnerability
Published: August 13, 2024
Microsoft recently released a patch for a Critical-rated vulnerability (CVE-2024-38063) that affects a number of its Windows operating systems.
Although Everon has already applied this patch to all systems that it directly manages as part of its service offering, we are alerting you and encourage you to take action to ensure that your organization applies the patch to any systems that Everon does not manage on your behalf. You can find more information on CVE-2024-38063 here. If you require assistance, contact your Everon account manager, call 844-538-3766, or contact us here.
Windows Remote Code Execution Vulnerability
March Networks Security Advisory
Published: July 7, 2024
A security regression was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. It is recommended to update R5 Recorders to avoid vulnerabilities in SSH. Patch 42339 R1.0 is available for 5.26.0.0047 (GA) and 5.27.0.0049 (GA).
Affected versions: 8000, 9000 and RideSafe Series GT/MT/RT recorders.
Find out more about CVE-2024-6387 from NIST Vulnerability Database (NVD) and CVE. If you require assistance, contact your Everon account manager, call 844-538-3766, or contact us here.
March Networks Security Advisory
Kantech KT Door Controllers Vulnerability
Published: July 4, 2024
Vulnerabilities have been confirmed impacting Kantech KT Door Controllers.
Under certain circumstances, when the controller is in factory reset mode waiting for initial setup, it will broadcast its MAC address, serial number, and firmware version. Once configured, the controller will no longer broadcast this information.
Affected Versions:
- Kantech KT1 Door Controller, Rev01 version 2.09.10 and prior
- Kantech KT2 Door Controller, Rev01 version 2.09.10 and prior
- Kantech KT400 Door Controller, Rev01 version 3.01.16 and prior
Mitigation: Update Kantech door controllers as follows:
- Update Kantech KT1 Door Controller to at least version 3.10.12
- Update Kantech KT2 Door Controller to at least version 3.10.12
- Update Kantech KT400 Door Controller to at least version 3.03
Find out more about CVE-2024-32754 from NIST Vulnerability Database (NVD) and CVE. If you require assistance, contact your Everon account manager, call 844-538-3766, or contact us here.
Kantech Vulnerabilities
Software House iSTAR Pro Vulnerability
Published: June 6, 2024
A security vulnerability has been identified impacting Software House iSTAR Pro door controllers. Under certain circumstances, communications between the ICU tool and the iSTAR Pro door controller are susceptible to Machine-in-the-Middle attacks, which could impact door control and configuration.
Affected Versions:
- iSTAR Pro (all versions)
- ICU (all versions)
Information on this vulnerability and detailed mitigation steps can be viewed here. Find out more about CVE-2024-32752 from NIST Vulnerability Database (NVD), CVE and CISA ICS-Cert Advisories.
If you require assistance, contact your Everon account manager, call 844-538-3766, or contact us here.
Software House iSTAR Pro Vulnerability
Software House C•CURE 9000 Vulnerability
Published: June 5, 2024
A security vulnerability has been confirmed impacting Software House C•CURE 9000 v3.00.2.
Under certain circumstances, the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions.
Find out more about CVE-2024-0912 from NIST Vulnerability Database (NVD) and CVE. If you require assistance, contact your Everon account manager, call 844-538-3766, or contact us here.
C•CURE 9000 Vulnerability
LenelS2's NetBox Vulnerability
Published: May 30, 2024
A potential security vulnerability has recently been identified impacting certain versions of LenelS2's NetBox access control system.
Certain identified vulnerabilities impact NetBox versions 5.6.1 and prior. Additionally, certain older versions of NetBox (specifically versions prior to 5.4) may be susceptible to having malware installed under certain conditions. The malware vulnerability is due to an open-source library, a resource that exists outside of the LenelS2 NetBox system, to which NetBox systems refer.
Information on this vulnerability can be viewed here. Find out more about CVE-2024-2420 from NIST Vulnerability Database (NVD), CVE and CISA ICS-Cert Advisories.
If you require assistance, contact your Everon account manager, call 844-538-3766, or contact us here.
LenelS2 NetBox Vulnerability
Brivo ACS100 and ACS300 Vulnerabilities
Published: February 19, 2024
Vulnerabilities have been identified impacting older versions of firmware for the ACS100 and ACS300.
These vulnerabilities can be exploited if the attacker has physical access to the devices and has the tools and skills to perform a command injection attack. The vulnerability was addressed in Brivo firmware version 6.2.4.3, which was released in December 2023 for general use.
Find out more about CVE-2023-6260 from NIST Vulnerability Database (NVD) and CVE. Find out more about CVE-2023-6259 from NIST Vulnerability Database (NVD) and CVE.
All customers using ACS100, ACS300, ACS SDC, and ACS6000 control panels are advised to upgrade their panel firmware to the current version, which is 6.2.5. If you require assistance, contact your Everon account manager, call 844-538-3766, or contact us here.
Brivo Firmware Vulnerabilities
HID Vulnerability
Published: February 7, 2024
Vulnerabilities have been identified in the following technologies: HID iCLASS SE readers, modules, and processors; HID OMNIKEY 5427CK, 5127CK, 5023, and 5027; and HID iCLASS SE CP1000 Encoder.
If you have these technologies installed at your facilities, we recommend taking immediate action to secure your systems. For more details and recommended actions, please visit the HID notices here and here. If you require assistance, contact your Everon account manager, call 844-538-3766, or contact us here.
HID Product Vulnerability Notice