Update to fix potential vulnerability in FTP access of the Miniserver

26th January 2022 in Technology

At Loxone, we regularly carry out security audits to ensure the continuous safety of our systems.

During our last audit on 24 January 2022, we discovered a security vulnerability related to FTP access of Miniservers running firmware versions 12.1.6.17, 12.1.7.16, 12.2.10.27 and 12.2.11.5.

This vulnerability can be used, in rare scenarios, in installations where attackers gain FTP access to the Miniserver, allowing them to modify data.

Our team has created a new version to fix this issue. This version (12.2.12.1) is now available to download, and we strongly recommend all Miniservers running versions 12.1.6.17, 12.1.7.16, 12.2.10.27 and 12.2.11.5 be updated.

Today, a notification prompt was pushed via the Loxone App – enabling users with the relevant permissions to initiate the update themselves. The new version does not include any other changes apart from fixing the security vulnerability.

There are no known cases of an attacker exploiting this vulnerability. However, as always, we recommend keeping all customer installations up to date. The update completely prevents a potential attack scenario and thus ensures maximum security.

Download Now

	Monday	Tuesday	Wednesday	Thursday	Friday
0830-0900	Welcome	Arrival and Exchange	Arrival and Exchange	Arrival and Exchange	Arrival and Exchange
Unit 1	Easy Lighting Planning Square meter formulas. Room types, Direct/Indirect	Automatic Basic Lighting Presence Sensor Air/Tree	Shading & Automation Controls vs Automation configuration shading types	Multiroom Audio System, scaling, simple audio planning	Media controller IR and RS Protocols, AVR
Unit 2	Intuitive Operating Concept Room types & moods	Presence Optimization Exercises by type of room	System Protection Functions Storm, frost, privacy, break-in	Cabling & Configuration Audioserver Extension speaker	Operating Concept Specific Operating modes, Touch Pure Flex
Unit 3	Configuration Room Types Basic Configuration	Presence Areas Practice P/1-8	Optimise Protection Functions Practical exercises by type	Operation & Connections Line In/Out, SPDIF Signal converter	Optimise Conference Room Control and programming
1200	Lunch Break	Lunch Break	Lunch Break	Lunch Break	Lunch Break & wrap up
Unit 4	Lighting Controller In-depth T5/1-8, lC1-4, M+/-, Mix	Technologies Dali, DMX, PWM	Weather & Sunshine Weather station & forecasts	Smart Home Functions TTS, Announcements, Bell
Unit 5	Operating Concept Advanced Exercise by type of room	Daylight Control HCL Practical implementation	Automatic Sun Position Control Protection types IR/UV/Lux	HiFi and Ambient Sound Signum and Install 7
Unit 6	Operating Concept Specific Hotel, Office, Auditorium	Constant Light Control Measurement, control, implementation	Automatic Sun Position Control Optimization of parameters	Acoustics & Sound Optimization Optimize audio planning
Unit 7	Touch Pure Flex Scrolling text, master brightness	Signalization via Light Practice example	Operating Concept Specific Practical examples	Audioserver in combination Exercises Lan/Tree Turbo

Update to fix potential vulnerability in FTP access of the Miniserver

Lighting, Shading & Sound Training Timetable

Change product

Activate Online Services

Let’s talk about your project…

Extend Online Service

Transfer Online Service

Change product

Delete product

Activate Online Services

Change product

Delete product

Transfer Miniserver: