By Bill Toulas

Researchers discovered 49,000 misconfigured and exposed Access Management Systems (AMS) across multiple industries and countries, a problem that could compromise both privacy and physical security in critical sectors.

Access Management Systems are security systems that control employee access to buildings, facilities, and restricted areas via biometrics, ID cards, or license plates.

Security researchers at Modat conducted a comprehensive investigation in early 2025 and found tens of thousands of internet-exposed AMS that were not correctly configured for secure authentication, allowing anyone to access them.

In some cases, Modat could edit employee records, add fake employees, change access credentials, or manipulate building entry systems to lock out legitimate employees or grant unauthorized physical access to malicious actors.

The physical security risks are particularly worrying for exposed AMS at government buildings and critical infrastructure such as power stations and water treatment plants.

Apart from physical security, the exposed information could also be leveraged to power spear-phishing and social engineering attacks against the affected organizations.

Modat provided several security recommendations for AMS users, including taking the systems offline to prevent unauthorized remote access, or placing them behind firewalls and VPNs so that only authorized personnel can reach them.

Biometric data and PII should always be stored in encrypted form, and the data of past employees should be purged to avoid unauthorized access through old accounts that were never disabled.
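The recommendations above translate into a handful of checks an operator can run against an AMS inventory: is the management interface on a public address with no firewall or VPN allow-list in front of it, does it demand a login at all, are biometric templates and PII encrypted at rest, and do former employees still hold enabled credentials. The script below is an added example written for this page, not code from Modat or from any AMS vendor; the inventory, the field names (`mgmt_address`, `allowed_sources`, `requires_auth`, `biometrics_encrypted`) and the severity labels are assumptions chosen for illustration, and the addresses are constructed (203.0.113.0/24 is a documentation range).

```python
"""Audit a constructed AMS inventory against the exposure and data-hygiene
recommendations described above. Hypothetical example: the data model and
sample records are made up for illustration."""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass, field

# Address ranges that are not reachable from the public internet.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                    # loopback, link-local
    "fc00::/7", "fe80::/10", "::1/128",                 # IPv6 equivalents
)]


@dataclass
class Employee:
    name: str
    active: bool               # still employed?
    credential_enabled: bool   # badge / biometric credential still valid in the AMS


@dataclass
class AmsDeployment:
    site: str
    mgmt_address: str          # address the management interface listens on
    allowed_sources: list[str] # source CIDRs the firewall/VPN admits; "0.0.0.0/0" means anyone
    requires_auth: bool        # does the web interface demand a login at all?
    biometrics_encrypted: bool # biometric templates and PII encrypted at rest?
    employees: list[Employee] = field(default_factory=list)


def is_public_address(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in NON_PUBLIC)


def is_internet_exposed(d: AmsDeployment) -> bool:
    """True when the management interface sits on a public address and the
    network policy admits any source, i.e. neither firewall nor VPN limits it."""
    if not is_public_address(d.mgmt_address):
        return False
    return any(ipaddress.ip_network(s, strict=False).prefixlen == 0
               for s in d.allowed_sources)


def stale_credentials(d: AmsDeployment) -> list[str]:
    """Former employees whose AMS credential was never disabled."""
    return [e.name for e in d.employees if not e.active and e.credential_enabled]


def audit(d: AmsDeployment) -> list[tuple[str, str]]:
    """Return (severity, message) findings for one deployment."""
    findings: list[tuple[str, str]] = []
    if is_internet_exposed(d):
        if d.requires_auth:
            findings.append(("high", "management interface reachable from the internet; "
                                     "restrict it to a VPN or firewall allow-list"))
        else:
            findings.append(("critical", "management interface reachable from the internet "
                                         "with no authentication"))
    if not d.biometrics_encrypted:
        findings.append(("high", "biometric data and PII stored unencrypted"))
    for name in stale_credentials(d):
        findings.append(("medium", f"credential still enabled for former employee {name}"))
    return findings


# Constructed inventory, not real systems.
INVENTORY = [
    AmsDeployment("hq-lobby", "203.0.113.10", ["0.0.0.0/0"], requires_auth=False,
                  biometrics_encrypted=False,
                  employees=[Employee("a.smith", True, True), Employee("j.doe", False, True)]),
    AmsDeployment("plant-b", "10.20.0.5", ["10.0.0.0/8"], requires_auth=True,
                  biometrics_encrypted=True,
                  employees=[Employee("m.lee", True, True), Employee("r.khan", False, False)]),
]


def audit_inventory(inventory=INVENTORY) -> dict[str, list[tuple[str, str]]]:
    """Audit every deployment; a site with an empty list passes all checks."""
    return {d.site: audit(d) for d in inventory}


if __name__ == "__main__":
    for site, findings in audit_inventory().items():
        print(site, "OK" if not findings else "")
        for severity, message in findings:
            print(f"  [{severity}] {message}")
```

The exposure check deliberately requires both a public listening address and an allow-list that admits any source: an AMS on a public IP that only accepts VPN or corporate ranges, or one on an RFC 1918 address, is not counted as internet-exposed. Swap the constructed inventory for an export from your own firewall and AMS user database to use it in practice.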
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 27 Feb 2025 18:05:07 +0000