Insinia recently came across a shocking vulnerability in digital solenoid safes.
We first tested this attack whilst carrying out a Penetration Test. Insinia found that a Director of a company was using this type of safe to secure his password, decryption keys, passport etc.
The attack is carried out by exploiting the solenoid mechanism within the safe unit. When you enter a passcode in to the unit it energises a solenoid which "pulls in" the locking bolts and mechanism on the door.
This leaves the unit extremely vulnerable to a basic attack, where an attacker can use their bare hands to jump the solenoid, therefore making it possible to open the safe with no key, no code and no tools!
Check out the video below or on our media page for a live demo!
Makes tested and confirmed vulnerable: Yale, VonHaus, Pisces, Kingavon, Ardisle and many more!