Credit: Manuel Hofer & Matthias Klinski
Everyone loves superheroes and the developers behind AMX’s room automation products are not immune. In early 2015, the dynamic duo at SEC-Consult (pow) identified a backdoor account called “BlackWidow” in the AMX product line. This account provided full access to the product through the standard configuration management interface. After applying the advanced posturing process known as coordinated disclosure, SEC-Consult decided to get retro and examine the “fixed” firmware. After BlackWidow had been busted, the AMX team decided to deliver the backdoor account their customers need, but not necessarily the one they want. Leet Batman (1MB@tMaN) stepped forward to replace BlackWidow as the backdoor account of preference, and both superheroes were only permanently banished after yet another round of coordinated disclosure.