Ibis Budget hotels across Europe had keypad codes that could be leveraged for room entry exposed due to a security flaw impacting its self check-in kiosks, SecurityWeek reports.Impacted kiosks could be exploited by inputting dashes to display current hotel bookings, which when clicked showed keypad access codes and room numbers, information that attackers could use to facilitate unauthorized room entry, according to a report from Pentagrid, which discovered and reported the vulnerability that has since been addressed by Ibis Budget parent firm Accor."Access to hotel rooms would allow the theft of valuables, especially if low-budget hotel rooms are not equipped with a room safe," said Pentagrid.While the identity of the kiosks' vendor remains uncertain, such a vulnerability could have stemmed from a test function or bug not immediately remediated by the vendor and not from the master code for booking access, Pentagrid added.
Vulnerability Management, Patch/Configuration Management
Ibis Budget room codes exposed by vulnerability
(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds