In a nutshell: Canadian security researcher Eric Daigle recently found a security flaw in the control panels used to restrict entry to apartment buildings across the US and Canada. In short, some operators never bothered to change the system's default password, making it trivially easy to gain access, view activity logs, and more.
Daigle started digging into the system late last year after noticing an interesting-looking access control panel while out and about one day. A quick Google search for "MESH by Viscount" led to a sales page advertising remote access capabilities, and another search turned up a PDF installation guide.
As is fairly common, the system ships with a default password that admins are encouraged to change (though according to Daigle, the manual doesn't explain how to do so). Searching for the title of the UI's login page surfaced several login pages, and he was able to log into the very first one using the default credentials. That isn't a good sign.
Once inside the system, Daigle had the ability to unlock any door, register new key fobs or delete existing ones, change the floors they're authorized for, and more. He also had access to a multi-year log showing all fob activity, along with residents' full names, unit numbers, and phone numbers. It doesn't take much poking around to pick up on residents' habits, either. For example, you could easily determine that John Doe leaves for work at 8 am and gets home around 6 pm, Monday through Friday.
In total, Daigle found 89 exposed systems in use by apartment buildings. Most of them – 71 – were in Canada, with the rest in the US.
The researcher reached out to the system's vendor, who said that admins are not following the manufacturer's recommendation to change the default password. The issue has been designated CVE-2025-26793, with a critical severity score of 10. A senior product manager told TechCrunch that the company had contacted customers about following the instruction manual.