Summary: Researchers have uncovered 49,000 misconfigured and exposed Access Management Systems (AMS), jeopardizing privacy and security across critical sectors. These vulnerabilities allow unauthorized access and manipulation of sensitive employee data, raising substantial risks for physical security, especially in government and essential infrastructure. Mitigation efforts are underway, including direct outreach to system owners and security recommendations from the researchers.
Affected: Multiple industries and organizations globally
Keypoints:
- 49,000 exposed AMS found worldwide, with Italy having the highest number (16,678).
- Sensitive data includes personal identification, biometric information, and access logs, all of it unencrypted and vulnerable.
- Recommended mitigations include changing default admin credentials, implementing multi-factor authentication, and securing systems behind firewalls.