A public exploit targeting building automation systems has brought KNX security back into the spotlight, with industrial giant Schneider Electric releasing a security bulletin to warn customers about the potential risks.
KNX is a widely used open standard for commercial and residential building automation. It can be used to control security systems, lighting, HVAC, energy management, and many other smart building systems. Its developers
warned in 2021 that smart building installations, including ones based on KNX, had been increasingly targeted in attacks.
In one
attack reported at the time, aimed at a German engineering company, hackers had taken control of internet-exposed building automation devices and locked the victim’s employees out of the system. For unclear reasons, the attackers had bricked hundreds of automation control devices, causing the building to lose all of its smart functionality.
