Edge computing has been around longer than people think: it is already present in many building access control devices that use biometrics. In particular, facial recognition devices have recently become popular with building management. These devices determine who may enter secured premises. Taking a deep dive into the security posture of these devices, we discovered leakage of sensitive data and were able to bypass the security of some of these devices completely. In some cases, these facial recognition access control devices opened the door for us without the camera even seeing a face.
These access control devices are an example of a new computing paradigm called edge computing. It is a computing architecture designed to bring compute nodes and resources closer to the actual sensors and actuators at the edges of the network, which enables these devices to perform computations and take decisions based solely on the local input, without needing to wait for instructions from an external service.
Migrating the bulk of the computing tasks to the edge introduces risks that were not previously viable with cloud computing. Edge computing nodes are more prone to physical attacks, as they are often located closer to the sensors in the field. Gaining physical access to edge devices also risks access to the rest of the enterprise network, and it increases the chance of theft of edge nodes, which can contain machine learning models and business logic.
In this research, we showcase several vulnerabilities in edge-based access control devices that are tightly linked to the new device architecture. By exploiting these vulnerabilities, we show how a malicious actor could easily break the physical security of your building and access restricted areas by adding unauthorized users, escalating to device administrator, or exfiltrating sensitive enterprise data. Additionally, we include some guidelines to help mitigate the security risks introduced by these devices.