Earlier this week, a publication by Vpnmentor reported on vulnerabilities of the Biostar 2 system from Suprema. In this publication, an association has been made between this biometric system supplied by Suprema and the Nedap AEOS access control system.

Recently, an interface was made between a Biostar 2 system supplied by Suprema, and the Nedap AEOS access control system. This only concerns an interface between Nedap AEOS access control system and the version of a Biostar 2 system that is installed on the customers’ local server. There is, therefore, no connection between Nedap AEOS access control system and the cloud version of the Biostar 2 system on which the findings of Vpnmentor are based. Users of Nedap AEOS access control systems, therefore, do not have to take any additional measures to protect the Nedap AEOS access control system against the reported vulnerabilities.

Statement Suprema
Aug 21, 2019
Announcement for the cybersecurity incident in the Media regarding BioStar 2 Cloud APl
https://www.supremainc.com/en/main.asp
https://www.supremainc.com/en/asset/images/common/m_announcement_pop_190820.jpg