PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-2421 LenelS2 CVE debrief

CVE-2024-2421 is a critical unauthenticated remote code execution vulnerability in LenelS2 NetBox, an access control and event monitoring system used in physical security environments. The vulnerability affects versions prior to and including 5.6.1 and was disclosed by CISA on May 30, 2024. An attacker can exploit this flaw to execute malicious commands with elevated permissions without requiring authentication, presenting severe risk to affected installations. The CVSS 3.1 score of 9.1 reflects a network attack vector, low attack complexity, and high impact on confidentiality, integrity, and availability. Carrier has released NetBox version 5.6.2 to address this vulnerability. Organizations should prioritize upgrading through their authorized installer and follow the NetBox hardening guide available in the product's built-in help menu.

Vendor: LenelS2
Product: NetBox
CVSS: CRITICAL 9.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-05-30
Original CVE updated: 2024-05-30
Advisory published: 2024-05-30
Advisory updated: 2024-05-30

Who should care

Organizations using LenelS2 NetBox for physical access control and security event monitoring, particularly in critical infrastructure, commercial facilities, and enterprise environments. Security teams responsible for OT/ICS security and physical security infrastructure.

Technical summary

Unauthenticated remote code execution vulnerability in LenelS2 NetBox access control and event monitoring system. Affects versions ≤5.6.1. Allows attackers to execute commands with elevated permissions. Fixed in version 5.6.2.

Defensive priority

critical

Recommended defensive actions

  • Upgrade LenelS2 NetBox to version 5.6.2 by contacting your authorized installer
  • Follow the NetBox hardening guide available in the product's built-in help menu
  • Review Carrier's security bulletin for additional mitigation guidance
  • Apply network segmentation to limit exposure of NetBox systems
  • Monitor for unauthorized access attempts to NetBox management interfaces
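The first, fourth and fifth actions above (confirm which installations are still on an affected version, and check that only the intended management segment reaches the NetBox interface) can be worked from an inventory and an access log. The script below is an added example written for this debrief; it is not code from PatchSiren, Carrier or LenelS2. The inventory entries, the allowed management subnet (10.20.0.0/24) and the access-log line format are all constructed assumptions for the example; NetBox's real log format is not described on this page.

```python
"""Exposure triage for CVE-2024-2421 (added example, not from PatchSiren, Carrier or LenelS2).

Two defender-side checks:
  1. Flag inventory entries whose NetBox version is <= 5.6.1, the affected range
     stated in the advisory (fixed release is 5.6.2).
  2. Flag requests to the NetBox web interface whose source address lies outside
     the management subnets that the segmentation policy allows.
The inventory, the allowed subnet and the log lines below are constructed for this example.
"""
from ipaddress import ip_address, ip_network

FIXED_VERSION = (5, 6, 2)  # first non-affected release per the advisory


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '5.6.1' into (5, 6, 1) so comparison is numeric, not lexical
    ('5.10.0' sorts before '5.6.1' as a string but is the newer version)."""
    return tuple(int(part) for part in text.strip().split("."))


def is_affected(version: str) -> bool:
    """True when the reported version is below the fixed release 5.6.2."""
    v = parse_version(version)
    v = v + (0,) * (len(FIXED_VERSION) - len(v))  # treat '5.6' as 5.6.0
    return v < FIXED_VERSION


# Constructed inventory: (hostname, NetBox version reported by the installer)
INVENTORY = [
    ("netbox-hq", "5.6.1"),
    ("netbox-plant2", "5.4.0"),
    ("netbox-dc", "5.6.2"),
    ("netbox-lab", "5.10.0"),
]


def affected_hosts(inventory=INVENTORY) -> list[str]:
    """Hostnames that still need the 5.6.2 upgrade."""
    return [host for host, ver in inventory if is_affected(ver)]


# Assumed policy: only this management subnet may reach the NetBox web interface.
ALLOWED_MGMT = [ip_network("10.20.0.0/24")]

# Constructed access-log lines: "<timestamp> <src_ip> <method> <path> <status>"
ACCESS_LOG = """\
2024-06-03T10:00:01Z 10.20.0.15 GET /login 200
2024-06-03T10:00:07Z 192.168.44.9 POST /login 401
2024-06-03T10:00:09Z 203.0.113.7 GET /login 200
2024-06-03T10:01:00Z 10.20.0.16 GET /status 200
"""


def out_of_segment_requests(log: str = ACCESS_LOG, allowed=ALLOWED_MGMT) -> list[tuple[str, str]]:
    """Return (timestamp, source IP) for every request from outside the allowed subnets.
    Any hit means segmentation is not enforcing the intended boundary."""
    hits = []
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, src, _method, _path, _status = line.split()
        if not any(ip_address(src) in net for net in allowed):
            hits.append((ts, src))
    return hits


if __name__ == "__main__":
    print("Hosts still on an affected version:", affected_hosts())
    print("Requests from outside the management subnet:", out_of_segment_requests())
```

The version check deliberately compares integer tuples rather than strings, because a string comparison would wrongly report a hypothetical 5.10.x build as older than 5.6.2. The log check treats any request from outside the allowed subnet as a finding, regardless of HTTP status, since a successful login from an unexpected segment and a failed one are both worth investigating.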

Evidence notes

CISA ICS advisory ICSA-24-151-01 published May 30, 2024 confirms unauthenticated RCE in NetBox versions ≤5.6.1 with vendor fix in 5.6.2. CVSS 3.1 vector AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H per source.

Official resources

2024-05-30