March 29, 2024 at 11:03AM
Security researchers have discovered vulnerabilities in Dormakaba’s Saflok RFID locks used in hotels, allowing threat actors to forge keycards and access locked rooms. These flaws impact over three million hotel locks in 131 countries and remain unexploited in the wild. Dormakaba is addressing the issue by updating affected locks.
After reviewing the meeting notes, it appears that the key takeaways are as follows:
1. Security vulnerabilities have been discovered in Dormakaba’s Saflok electronic RFID locks, allowing threat actors to forge keycards and gain access to locked hotel rooms.
2. The vulnerabilities impact over three million hotel locks across 13,000 properties in 131 countries, including various lock models and management software systems.
3. Dormakaba has initiated a rollout process to update or replace the impacted locks, with an estimated 36% completed as of March 2024.
4. The attack can be executed using commercially available RFID read-write tools or certain mobile devices, allowing threat actors to create forged keycards and gain unauthorized access.
5. Exploitation of these vulnerabilities has not been confirmed, but the potential for unauthorized access and manipulation of entry/exit logs raises security concerns for hotel staff.
6. Additionally, critical security vulnerabilities have been discovered in Electronic Logging Devices (ELDs) in the trucking industry, potentially enabling unauthorized control over vehicle systems and data manipulation.
Do let me know if you need more information or if there’s anything else I can assist you with.