Critical VingCard Hotel Lock Vulnerability

---

A critical vulnerability exists in the ASSA ABLOY Hospitality Vision by VingCard hotel lock system, versions 6.4.2 and older using radio-frequency identification (RFID). The vulnerability can be exploited by an attacker to clone guest keys or create master keys. Hotels using this system are asked to take immediate remediation steps to avoid impact. Impacted hotels are asked to immediately register their software with ASSA ABLOY and apply the required patch to remediate the vulnerability. Some hotels may have been contacted directly by the vendor to start this process.

Hotels using any of the following VingCard systems are NOT impacted by this vulnerability: (1) the VingCard Visionline software; (2) Mobile Key or SPG Keyless Systems; (3) VingCard systems using magnetic stripe key locks, and (4) VingCard Vision versions higher than 6.4.2.

Visit MGS for more details, instructions and links.