| Developers: | Tecon-Automation NGO |
| Last Release Date: | 2022/03/25 |
| Branches: | Electrical and microelectronics |
Engineering Equipment Controller (ECC) - is a device for matching the ASUD-248 wired TL-line with the computer network. The KIO-2M line also includes modifications of KIO-2MD, KIO-2MS, KIO-2MRS (as of March 2022).
2022: Vulnerability to hacking
Engineering controllers of the Russian company Tekon-Automatica from Zelenograd can be hacked without much difficulty in just a few hours. This was announced on March 25, 2022 by cybersecurity researcher Jose Bertin. He managed to penetrate them and optimize his rights before the super user. In other words, he was able to completely subdue these devices.
As reported, Tecon-Automatics specializes in the production of engineering controllers. Its products are used, including for dispatching elevators and other equipment of buildings and structures.
Jose Bertin described the entire hacking process of the Tekon-Automatics KIO-2MS controller in his blog. It all began with the fact that he found about 120 Tecon-Automation controllers directly available from the Internet in the results of Shodan search queries. 117 of them were in Russia, three more were located in Ukraine.
Representatives of Tecon Automation said that the controller, the hacking process of which Bertin described for his article, is not related to elevators.
 | Our engineering controllers do not have the function of elevator control. The device is a media converter. At the same time, even obtaining unauthorized access to it in no way can affect the operation of dispatched elevators. according to representatives of Tecon Automation |  |
However, the description for the controller on the official website reads: "Engineering Equipment Controller (EC) - is a device for coordinating the ASUD-248 wired TL line with the computer network." And the company's main page says: "The ASUD-248 system, developed and manufactured by the company, solves the tasks of dispatching elevators and engineering equipment of buildings and structures, managing equipment, as well as organizing resource accounting (ASKUE)."
Bertin was able to connect to the controllers, but he did not have logins and passwords to them, that is, at the first stage he could be waiting for a complete fiasco. The engineer went to the Tekon-Automatics website, where in the instructions for the equipment he found the basic bundle of login and password for login - admin/secret.
Experienced users and system administrators immediately change the basic login data to unique and selectable ones, but Bertin was lucky - the first controller he connected to reacted to admin/secret and allowed him to his bowels.
At his disposal was the panel of settings of the KIO-2MS controller. At this stage, he could completely change the settings of the controller and even make sure that the owners no longer have access to it. To do this, it would be enough to change the basic password to any other.
After logging into the control panel, Bertin received administrator rights, but not superuser (root-user). In other words, its capabilities in the controller system were limited, but everything in the same instruction on the Tekon-Automatics website he found a quick and easy way to circumvent all prohibitions.
The researcher found out that the controller he hacked supports the function of loading additional plugins - LUA scripts, which can be uploaded through a separate menu in the settings panel. Bertin wrote such a plugin and loaded it into the memory of the controller.
Bertin's guess was true. The brainchild of Tecon Automation launched a plugin, as a result of which the engineer had in his hands an administrator account with rights promoted to a super user.
From that moment, his power over the controller was virtually limitless. Bertin could change any settings, remotely turn on and off the device, as well as run any plugins he needed on it. He also had the opportunity to embed malicious code or backdoor in the memory of the controller.
| | The operating manual for our equipment contains a comprehensive list of actions to prevent unauthorized access to the device settings. Equipment of any manufacturer is initially supplied with standard settings. The user must change these settings when configuring the equipment, including the necessary security settings. The author of the article detected a device connected to the network that was not properly configured. The duty to set up security systems depends on those who connect and set up at[1] facilities[2]. commented by representatives of Tecon Automation | |
Notes
- ↑ [https://safe.cnews.ru/news/top/2022-03-25 the inostrannye hakery dobralis
- ↑ . The Russian electronics operating the elevators turned out to be completely defenseless to Western hackers]
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |