Home Hacking News Thousands of Misconfigured AMS Risk Buildings’ Security Globally
Hacking NewsLatest Cyber Security News | Network Security HackingNewsVulnerabilities

Thousands of Misconfigured AMS Risk Buildings’ Security Globally

by Abeerah Hashim
written by Abeerah Hashim
Thousands of Misconfigured AMS Risk Buildings’ Security Globally

Researchers found thousands of misconfigured access management systems (AMS) exposing sensitive data online. These misconfigured AMS expose staff’s sensitive details and reveal other sensitive data, risking the security of critical buildings globally.

Misconfigured AMS Expose Critical Buildings And Staff

Researchers from the cybersecurity firm Modat have shared a detailed report about exposed Access Management Systems (AMS) that pose a huge security risk. They observed several thousands of misconfigured AMS installed globally, which compromise the physical security of critical buildings.

Specifically, the researchers highlighted the severity of the threat due to internet-facing misconfigured AMS running globally. That means the security risk isn’t limited to a few countries or a specific region, rather it spans continents. These threats include data theft, unauthorized system access, information disclosure, and identity theft. These misconfigured AMS risk all major sectors globally, including education, healthcare, manufacturing, construction, oil sector, and even government systems.

As explained in their report, the researchers found these exposed, misconfigured AMS during a global scanning earlier this year. Investigating the matter led them to deduce that those misconfigured AMS could allow unauthorized access to sensitive data, risking digital and physical security.

Specifically, they noticed over 49,000 misconfigured AMS installed globally, primarily in non-residential buildings. During their investigation, the researchers could access various sorts of sensitive information, such as a list of departments and their employees, full details of the staff, including names, email addresses, phone numbers, pictures, and their biometric access information. In another instance, they could also see the timestamps for staff access to respective floors. Moreover, since AMS is also used in vehicle access to specific buildings, the researchers could also access and manipulate vehicle access data, which could risk the physical security of the infrastructure.

Prompt Scanning Recommended To Mitigate The Threat

Following this discovery, the Modat team contacted various organizations at risk of attacks through exposed AMS. To prevent such threats, the researchers advise placing such sensitive access systems behind firewalls and VPNs to prevent unrestricted access, ensuring regular security updates and patch management, changing authorization credentials promptly, and regularly scanning for possible vulnerabilities.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: abeerah@latesthackingnews.com

You may also like

A WinRAR Flaw Could Allow MotW Security Bypass

SpyCloud Research Shows that Endpoint Detection and Antivirus...

New Triada Malware Variant Comes Pre-Loaded On Sham...

Researchers Discover Malicious Android Apps Exploiting .NET MAUI

G2 Names INE 2025 Cybersecurity Training Leader

Active Roles Wins 2025 Cybersecurity Excellence Award for...

Cyber Guardians: INE Security Champions Cybersecurity Training During...

SpyCloud’s 2025 Identity Exposure Report Reveals the Scale...

European Cyber Report 2025: 137% more DDoS attacks...

INE Security Alert: Using AI-Driven Cybersecurity Training to...