Security vulnerabilities in hotel room locks made by Dormakaba have been exposed by white-hat hackers Ian Carroll and Lennert Wouters. The Saflok keycard lock system, used in three million rooms globally, can be compromised using inexpensive RFID devices or an NFC-enabled Android phone. Despite being notified in November 2022, Dormakaba has only updated 36% of the affected locks by early 2023, with a full fix potentially taking years due to non-internet-connected locks requiring hardware replacements. The company is working on both immediate and long-term solutions, but the slow response raises concerns of potential exploitation similar to past incidents with Onity locks. The hackers have withheld full details of the exploit to prevent misuse and encourage a swift resolution.
Read more at Futurism…