Security News > 2020 > October > Hackers Can Open Doors by Exploiting Vulnerabilities in Hörmann Device
Hackers could remotely open garage doors and gates by exploiting vulnerabilities found in a gateway device made by Hörmann, researchers warned on Wednesday.
In order to restore the system, a manual reset of the device is required, but the device is typically behind the door, which in case of an attack cannot be opened by the victim.
As for attacks that can be launched remotely over the internet, the vulnerabilities found by SEC Consult only allow unauthenticated hackers to impersonate a device and send false status information to the owner.
A remote attacker can also impersonate a device over the internet and cause Hörmann's servers to send the victim's device username and password to the attacker instead of the door opener.
The attacker can then run a script to switch the identity of their device to the targeted user's device, which is possible due to Hörmann's failure to ensure that certificates matched the device.