
Three million Saflok locks can be opened by crooks due to 36-year-old security holes

Saflok electronic lock by Dormakaba
Via: Unsaflok

Saflok electronic RFID locks from the manufacturer Dormakaba suffer from a series of serious security vulnerabilities that allow hackers to open any door in a property with a relatively easy exploit.

The series of vulnerabilities, ironically dubbed Unsaflok, was discovered and reported to the manufacturer in September 2022, and the security researchers disclosed it publicly only recently, as reported by Security Week. The fix has been available since November 2023; however, roughly two-thirds of all affected locks have yet to be patched.

All locks using the Saflok system are impacted, including – but not limited to – Saflok MT, the Quantum Series, the RT Series, the Saffire Series, and the Confidant Series.

“These are primarily used in hotels where the management software is System 6000 or Ambiance. Some applications in the multifamily housing space which use System 6000 or Community are also affected,” the researchers specified, adding that it is not possible to visually distinguish patched and unpatched locks.

In total, the vulnerability impacts over three million doors across 13,000 properties in 131 countries.

The researchers disclosed only limited information on the vulnerability. When combined, the identified weaknesses allow an attacker to unlock all rooms using just a single pair of forged keycards:

“An attacker only needs to read one keycard from the property to perform the attack against any door in the property. This keycard can be from their own room, or even an expired keycard taken from the express checkout collection box.

“Forged keycards can then be created using any MIFARE Classic card, and any commercially available tool capable of writing data to these cards. One pair of forged keycards allows an attacker to open any door in the property.”

Saflok locks from Dormakaba have been on the market since 1988, so the vulnerabilities are now over 36 years old.

Although the researchers are not aware of any real-world attacks using this exploit, it is possible that these vulnerabilities are known to hackers and actively used in the wild.
