Lynxspring JENEsys BAS Bridge Vulnerabilities

Act Now9.8ICS-CERT ICSA-16-320-01Aug 19, 2016

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

The Lynxspring JENEsys BAS Bridge contains multiple critical vulnerabilities related to insufficient access controls, missing authentication, cleartext credential storage, and weak security mechanisms (CWE-284, CWE-306, CWE-522, CWE-352). An unauthenticated attacker with network access can execute arbitrary commands with system-level privileges. All versions up to and including 1.1.8 are affected. The vendor has classified this product as end-of-life and will not issue patches.

What this means

What could happen

An attacker with network access to the BAS Bridge could execute arbitrary commands with full system privileges, potentially disabling building automation controls or altering HVAC, lighting, and access control operations.

Who's at risk

Building operations and facilities teams managing systems via Lynxspring JENEsys BAS Bridge, which controls HVAC systems, lighting, and access controls in commercial buildings and facilities. Any organization using BAS Bridge version 1.1.8 or earlier is affected.

How it could be exploited

An attacker sends unauthenticated requests over the network to the BAS Bridge on its management port. The service accepts and executes malicious commands without proper validation, allowing the attacker to gain remote code execution.

Prerequisites

Network access to BAS Bridge management interface (default ports likely 80/443 or proprietary port)
No authentication required

remotely exploitableno authentication requiredlow complexityhigh CVSS score (9.8)no patch availableaffects critical building systems

Exploitability

Low exploit probability (EPSS 0.5%)

Affected products (1)

ProductAffected VersionsFix Status

BAS Bridge: <=1.1.8≤ 1.1.8No fix (EOL)

Remediation & Mitigation

0/4

Do now

0/2

HARDENINGImplement network segmentation to restrict direct access to BAS Bridge from untrusted networks; isolate building automation systems behind a firewall with strict ingress rules

WORKAROUNDDisable or restrict remote management access to BAS Bridge if not actively required for operations

Mitigations - no patch available

0/2

BAS Bridge: <=1.1.8 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGMonitor network traffic to the BAS Bridge for unusual connection patterns or command sequences

HARDENINGPlan replacement of BAS Bridge units with vendor products that receive security updates, as no patch is available for this end-of-life product

CVEs (4)

CVE-2016-8357 CVE-2016-8361 CVE-2016-8378 CVE-2016-8369

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/9f3167ba-e4c7-453e-bc38-61ffea5b6f3b