High severity7.5NVD Advisory· Published Dec 10, 2017· Updated May 13, 2026

CVE-2017-16241

Description

Incorrect access control in AMAG Symmetry Door Edge Network Controllers (EN-1DBC Boot App 23611 03.60 and STD App 23603 03.60; EN-2DBC Boot App 24451 01.00 and STD App 2461 01.00) enables remote attackers to execute door controller commands (e.g., lock, unlock, add ID card value) by sending unauthenticated requests to the affected devices via Serial over TCP/IP, as demonstrated by a Ud command.

Affected products

Amag/En 1dbc Firmware
cpe:2.3:o:amag:en-1dbc_firmware:03.60:*:*:*:*:*:*:*
Amag/En 2dbc Firmware
cpe:2.3:o:amag:en-2dbc_firmware:03.60:*:*:*:*:*:*:*
Amag/Std Firmware2 versions
cpe:2.3:o:amag:std_firmware:01.00:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:amag:std_firmware:01.00:*:*:*:*:*:*:*
- cpe:2.3:o:amag:std_firmware:03.60:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.secureworks.com/research/advisory-2017-001nvdThird Party Advisory
hushcon.com/schedule.htmlnvdNot Applicable

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000