PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-2422 LenelS2 CVE debrief

CVE-2024-2422 is an authenticated remote code execution vulnerability in LenelS2 NetBox, an access control and event monitoring system used in physical security environments. The vulnerability affects NetBox versions up to and including 5.6.1 and was disclosed in CISA advisory ICSA-24-151-01 on May 30, 2024. Exploitation requires valid NetBox credentials; once authenticated, an attacker can execute arbitrary commands on the underlying system. The CVSS 3.1 base score of 8.8 (High) reflects low attack complexity and high impact on confidentiality, integrity, and availability, so a compromised or weak NetBox account is the only barrier between a network-reachable attacker and the host controlling physical access. Carrier has released NetBox version 5.6.2 to address this vulnerability. Organizations should prioritize upgrading through their authorized installer, confirm the installed version afterward, and follow the NetBox hardening guide available in the product's built-in help menu.

Vendor
LenelS2
Product
NetBox
CVSS
HIGH 8.8
CISA KEV
Not listed in stored evidence
Original CVE published
2024-05-30
Original CVE updated
2024-05-30
Advisory published
2024-05-30
Advisory updated
2024-05-30

Who should care

Organizations using LenelS2 NetBox for physical access control and security event monitoring, particularly in critical infrastructure, commercial facilities, and enterprise environments. Security teams responsible for OT/ICS security and facility management personnel should prioritize this patch.

Technical summary

Authenticated remote code execution in the LenelS2 NetBox access control and event monitoring system: an attacker holding valid NetBox credentials can execute commands on the appliance. Affects versions ≤5.6.1. Fixed in 5.6.2.

Defensive priority

high

Recommended defensive actions

  • Upgrade to LenelS2 NetBox version 5.6.2 by contacting your authorized installer, and verify the running version after the upgrade rather than trusting the work order
  • Follow the NetBox hardening guide available in the product's built-in help menu
  • Review Carrier's security bulletin for additional guidance
  • Apply network segmentation to limit access to NetBox management interfaces to the operator workstations and integration hosts that need them
  • Because exploitation requires authentication, review NetBox accounts: remove stale or shared logins, rotate credentials held by integrations, and restrict which accounts can reach the web interface
  • Monitor for unauthorized or unexpected authentication attempts against NetBox and for anomalous command execution or new processes on the appliance
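The first action above, deciding which NetBox deployments still need the 5.6.2 upgrade, is easy to get wrong with naive string comparison of version numbers (for example "5.6.10" sorts before "5.6.2" as text). The following is an added example, not code from PatchSiren, Carrier, or LenelS2: it parses version strings into numeric tuples and flags anything below the fixed version. The inventory records, their field names, and the version strings are constructed for illustration; the only facts taken from the advisory are that versions ≤5.6.1 are affected and 5.6.2 is the fix.

```python
"""Triage a NetBox inventory against CVE-2024-2422 (affected <= 5.6.1, fixed in 5.6.2)."""
import re
from typing import Dict, List, Optional, Tuple

# Fix version published by Carrier per CISA advisory ICSA-24-151-01.
FIXED_VERSION: Tuple[int, int, int] = (5, 6, 2)

# Constructed sample inventory (hypothetical hosts and versions, not real data).
SAMPLE_INVENTORY: List[Dict[str, str]] = [
    {"site": "HQ-lobby", "host": "netbox-01", "version": "5.6.1"},
    {"site": "Plant-A", "host": "netbox-02", "version": "5.6.2"},
    {"site": "Plant-B", "host": "netbox-03", "version": "v5.5.3"},
    {"site": "DC-east", "host": "netbox-04", "version": "5.6.10"},
    {"site": "Warehouse", "host": "netbox-05", "version": "unknown"},
]


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Turn '5.6.1', 'v5.6' or '5.6.2-build17' into a tuple of ints.

    Tuple comparison gives numeric ordering, so (5, 6, 10) > (5, 6, 2),
    which plain string comparison gets wrong. Returns None when the
    string carries no recognizable version, so callers can flag it
    for manual verification instead of silently treating it as fixed.
    """
    m = re.match(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        return None
    parts = tuple(int(p) for p in m.group(1).split("."))
    # Pad short versions so '5.6' compares as 5.6.0 (still below the fix).
    return parts + (0,) * (3 - len(parts))


def is_affected(version: str) -> Optional[bool]:
    """True if the version is below the fix, False if at or above, None if unparseable."""
    parsed = parse_version(version)
    if parsed is None:
        return None
    return parsed < FIXED_VERSION


def triage(inventory: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Annotate each inventory record with an upgrade status."""
    results = []
    for host in inventory:
        verdict = is_affected(host["version"])
        if verdict is None:
            status = "VERIFY: version not recognized, check the appliance directly"
        elif verdict:
            status = "UPGRADE: affected by CVE-2024-2422, install 5.6.2"
        else:
            status = "ok: at or above 5.6.2"
        results.append({**host, "status": status})
    return results


def hosts_needing_upgrade(inventory: List[Dict[str, str]]) -> List[str]:
    """Convenience view: hostnames that must be upgraded."""
    return [r["host"] for r in triage(inventory) if r["status"].startswith("UPGRADE")]


if __name__ == "__main__":
    for record in triage(SAMPLE_INVENTORY):
        print(f'{record["site"]:<10} {record["host"]:<10} {record["version"]:<8} {record["status"]}')
```

Feed the script your real asset export in place of the constructed inventory; the point of the None branch is that a blank or malformed version field should land on the manual-verification list, not be counted as patched.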

Evidence notes

CISA published advisory ICSA-24-151-01 on May 30, 2024, identifying authenticated remote code execution (CVE-2024-2422) in LenelS2 NetBox versions ≤5.6.1. Carrier released version 5.6.2 as the vendor fix. No KEV listing for this CVE appears in the stored evidence.

Official resources

CISA ICS advisory ICSA-24-151-01, published 2024-05-30