OTPulse
FeedAboutContact

Johnson Controls Kantech Gen1 ioSmart

Plan Patch7.5ICS-CERT ICSA-23-348-02Dec 14, 2023
Attack VectorAdjacent
Auth RequiredNone
ComplexityHigh
User InteractionNone needed
Summary

An attacker with physical access to a Kantech Gen1 ioSmart card reader can recover the reader's communication memory in certain circumstances, potentially exposing access control credentials or security data. The attack requires direct hardware manipulation and cannot be performed remotely. Johnson Controls recommends updating firmware to version 1.7.2 or higher; Gen2 card readers are not affected.

What this means
What could happen
An attacker with physical access to a Kantech Gen1 ioSmart card reader could recover the encrypted communication data stored in the reader's memory, potentially compromising access control credentials or facility security information.
Who's at risk
Facility managers and security personnel responsible for access control systems. This affects any building or industrial site using Kantech Gen1 ioSmart card readers for access control, including schools, offices, manufacturing plants, and utilities. Gen2 readers are not affected.
How it could be exploited
An attacker must physically access the card reader and extract or read the communication memory under specific conditions. The attack requires direct hardware manipulation; it cannot be performed remotely or over the network.
Prerequisites
  • Physical access to the Kantech Gen1 ioSmart card reader
  • Specific environmental or operational circumstances (conditions not fully specified)
  • Ability to extract or interface with the reader's memory
Physical access requiredHigh attack complexityAffects access control systemsNo patch available (end-of-life product)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
Kantech Gen1 ioSmart card reader firmware: <1.7.2<1.7.21.7.2
Remediation & Mitigation
0/3
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Kantech Gen1 ioSmart card reader firmware to version 1.7.2 or higher
Long-term hardening
0/2
HARDENINGControl physical access to card readers by restricting entry to reader installation locations and limiting who can access the device hardware
HARDENINGSegregate access control systems from business and untrusted networks to reduce potential for coordinated attacks
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/97d93053-e7f1-4084-a561-266420fee225