PRODUCT: Cencon Gen2 Lock Firmware

BULLETIN: KABA Technical Services Bulletin #02

DATE: 09/22/2011, Revised 10/07/11

Issue:

When used with Cencon Gen2 lock firmware, Cencon Software (Version 3 and below) and Standalone Cenbank Software (Version 4 and below) can overwrite an already active mode on the lock.

Description:

The scenario can occur on a new or existing ATM when a Gen2 lock is activated in a mode and another party is active in a mode, or is granted access to the lock to activate a new mode. If their SA key is programmed for the existing mode in addition to their actual mode, they will overwrite the existing mode.

Example:

Company A activates FLM mode on a Gen2 lock. Company B is granted access to add Route mode. If Company B has also programmed their SA for FLM mode, their FLM mode will overwrite Company A's FLM mode on the lock.

Additional Information:

When either or both parties are operating Cencon 4 Software this issue will not occur, due to security updates to the format of an SA key and because new modes are checked against existing modes in the Gen2 lock. The format of an SA key in a Version 3 or below client is not being compared against existing modes when programming.

Please be aware that the back cover of the lock must be accessed and programmed using a Version 3 or below client for this issue to occur. The lock's audit trail clearly details what has occurred.

Field Resolution:

• To achieve the most security benefits from Cencon, Kaba Mas strongly recommends that all companies activating and managing Cencon locks upgrade to Cencon 4 Software if operating on a Version 3 or below or operating Cenbank 4 or below.
• To resolve the issue in the interim, the company that overwrote the existing mode must shelve themselves out of that mode on the lock. The original owner of the mode must force shelve and reactivate themselves onto the lock to regain access, if using Cencon 4. Users of Cencon 3 or below can run an additional activation.
• Firmware Version 2.0.929 this firmware release corrects the issue of the SA activate key lock record from Cencon 3 or below not being correctly compared against active modes. Version 2.0.929 manufacturing started at serial number 0046131.
• Cencon Gen2 Firmware Upgrade Identification Version 2.0.929 level firmware is identified on all locks going out effective 09/21/2011 (see Page 2).

Cencon Gen2, Firmware Upgrade Identification

Labels are applied to the outer shipping box, the unit box, and the lock case cover.

The outer box has label applied. The unit boxes have labels applied.

The lock body has label 202232H on case cover, which denotes the Gen2 firmware upgrade level to 2.0.929.