- Dec 30, 2012
- 4,809
Security researchers have discovered a zero-day vulnerability in a popular building control system that could allow cyber criminals to wreak havoc with operational technology found in factories, businesses and data centres.
The system is manufactured by Delta, a Taiwan-based provider of power and thermal management solutions widely-used in data centres. The company’s systems are also used in hospitals, including operation theatres.
The vulnerable system in question is the company’s enteliBUS Manager, or eBMGR, a device that provides a single pane of glass with which to control various corporate or industrial hardware, including data centre HVAC (heat, ventilation, and air conditioning) controllers, factory boiler alarms and sensors, and corporate security control and lighting.
As this kind of network-connected system provides a single point of failure for critical operational technology, they are usually guarded with extremely high-standards of software security.
The system is manufactured by Delta, a Taiwan-based provider of power and thermal management solutions widely-used in data centres. The company’s systems are also used in hospitals, including operation theatres.
The vulnerable system in question is the company’s enteliBUS Manager, or eBMGR, a device that provides a single pane of glass with which to control various corporate or industrial hardware, including data centre HVAC (heat, ventilation, and air conditioning) controllers, factory boiler alarms and sensors, and corporate security control and lighting.
As this kind of network-connected system provides a single point of failure for critical operational technology, they are usually guarded with extremely high-standards of software security.