Hospitality Buffet

F-Secure researchers have found that global hotel chains and hotels worldwide are using an electronic lock system that could be exploited by an attacker to gain access to any room in the facility. The design flaws discovered in the lock system’s software, which is known as Vision by VingCard and used to secure millions of hotel rooms worldwide, have prompted the world’s largest lock manufacturer, Assa Abloy, to issue software updates with security fixes to mitigate the issue. The researchers’ attack involves using any ordinary electronic key to the target facility – even one that’s long expired, discarded, or used to access spaces such as a garage or closet. Using the information on the key, the researchers are able to create a master key with privileges to open any room in the building. The attack can be performed without being noticed. “You can imagine what a malicious person could do with the power to enter any hotel room, with a master key created basically out of ...