Two researchers employed by F-secure have been working for more than a decade to try to find a vulnerability in the hotel lock software system VingCard Vision.
Regarding this, ASSA ABLOY wants to make the following statements and clarifications:
- Vision Software is a 20-year-old product, which has been compromised after 12 years and thousands of hours of intensive work by two employees at F-Secure.
- ASSA ABLOY has fixed the flaws in the Vision software and issued software updates, released in February. Hotels that have applied the updates to their systems are not vulnerable.
- Digital devices and software of all kinds are vulnerable to hacking. However, it would take a big team of skilled specialists years to try to repeat the effort. Since the tools are not made available, it is not about just going into a hotel and getting instant access.
- These locks represent only a small fraction of the hotel locks in the world and are being rapidly replaced with new, more advanced technology.
- For the past decade new features have been launched exclusively on Visionline, a different platform that is not impacted.
- ASSA ABLOY is constantly monitoring, assessing and addressing its security in order to keep its technology safe.
- Tools and details of the method will not be released by F-Secure and are known by very few individuals.