Critical Vulnerability – Matrix Door Controller Cosec Vega

SEVERITY: CRITICAL

Redinent Researchers discovered critical Authentication Bypass Vulnerability in Matrix Door Controller Cosec Vega. This could allow attacker to full control of the controller and have access to the entry and exit restriction of the door controller including the ability to trigger a denial of service condition by reboot and all other options provided in the administrative web interface of the controller.

Technical Details: An authentication bypass vulnerability has been identified in the Matrix flagship product, the Matrix Door Controller. This vulnerability can be exploited by tampering with the HTTP response on the login page.

Specifically, an attacker can craft a malicious HTTP response that bypasses the authentication mechanism, allowing unauthorised access to the system.

Affected Versions
Product Name Affected Versions: All firmware versions prior to V2R17

Matrix Comsec has released a version to fix the vulnerability.

CERT IN Advisory:
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0328

CVE ID: CVE-2024-10381
The coordinated disclosure timeline:

  1. September 15 2024 – Vulnerability discovered by Redinent researchers.
  2. September 19 2024 – Vulnerability reported by Redinent to CERT India.
  3. October 25 2024 – CVE assigned. OEM releases global advisory.