KMC Controls Conquest BACnet Router Vulnerabilities

CVSS 5.3 MEDIUM

CVEs (2)

CVE-2016-4494 CVE-2016-4495

KMC Controls has released firmware Version E0.2.0.2 for the BAC-5051E router to add additional security for web-based access to the router’s configuration pages. KMC Controls recommends that all BAC-5051E routers be upgraded to this version. Users can obtain the latest version of the firmware in the KMC Controls partner portal (requires a login). (https://partners.kmccontrols.com/user/login)
According to KMC Controls, the BAC-5051E router is not intended to be a public facing Internet device. For best security, install the router behind a firewall inside a site’s intranet network. KMC Controls has also sent a copy of its technical bulletin to users. A copy of this bulletin can be found on KMC Controls’ web site in the service bulletin section.

KMC Controls

KMC Controls · BAC-5051E router firmware <E0.2.0.2

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.