Physical-Security — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/tags/physical-security/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioThu, 19 Mar 2026 22:15:35 +0000Vulnerabilities in Paxton Net2 Access Control Unitshttps://feed.craftedsignal.io/briefs/2026-03-paxton-net2-vulns/Thu, 19 Mar 2026 22:15:35 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-paxton-net2-vulns/Vulnerabilities in Paxton Net2 Access Control Units (ACUs) could allow unauthorized remote access and control of secured doors, potentially affecting prisons and other high-security facilities.A Reddit post highlights potential vulnerabilities within Paxton Net2 Access Control Units (ACUs). While the specifics of the vulnerabilities are not detailed in the Reddit post itself, the linked article allegedly describes how these flaws can be exploited to remotely unlock doors controlled by the Net2 system, potentially impacting prisons or other facilities using this access control technology. The potential for remote exploitation raises significant concerns about physical security bypass. Defenders should investigate their exposure to this product and monitor for anomalous network activity to or from these devices.

Attack Chain

  1. Attacker identifies a vulnerable Paxton Net2 ACU connected to the network.
  2. Attacker leverages an unspecified vulnerability to gain unauthorized access to the ACU.
  3. Attacker authenticates or bypasses authentication on the ACU to gain control.
  4. Attacker sends a command to the ACU to unlock a specific door.
  5. The ACU executes the command, releasing the electronic lock on the door.
  6. Attacker gains physical access through the unlocked door.

Impact

Successful exploitation of these vulnerabilities could lead to unauthorized physical access to secured areas. In a prison setting, this could enable escapes and security breaches. Other facilities, such as data centers or government buildings, could also be at risk. The number of affected facilities is unknown.

Recommendation

  • Investigate internal usage of Paxton Net2 ACUs and determine firmware versions.
  • Monitor network traffic to and from Net2 ACUs for unexpected communications, as highlighted in the overview.
  • Review logs from Net2 ACUs for suspicious activity, if available, focusing on unusual unlock events.
  • Deploy the Sigma rule for unexpected user agents to detect reconnaissance activity targeting these devices.
  • Block access to https://it4sec.substack.com/p/hacking-prison-doors-remotely-like at the web proxy, as this site may contain exploit information.
]]>highadvisoryaccess-controlphysical-securityvulnerability