{"id":215625,"date":"2026-02-20T08:46:00","date_gmt":"2026-02-20T13:46:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/20\/claroty-team82-warns-of-growing-cybersecurity-risks-in-legacy-lontalk-protocols-across-bms-deployments\/"},"modified":"2026-02-20T09:07:46","modified_gmt":"2026-02-20T14:07:46","slug":"claroty-team82-warns-of-growing-cybersecurity-risks-in-legacy-lontalk-protocols-across-bms-deployments","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/20\/claroty-team82-warns-of-growing-cybersecurity-risks-in-legacy-lontalk-protocols-across-bms-deployments\/","title":{"rendered":"Claroty Team82 warns of growing cybersecurity risks in legacy LonTalk protocols across BMS deployments"},"content":{"rendered":"<p><a href=\"https:\/\/industrialcyber.co\/threat-landscape\/claroty-team82-warns-of-growing-cybersecurity-risks-in-legacy-lontalk-protocols-across-bms-deployments\/\">Claroty Team82 warns of growing cybersecurity risks in legacy LonTalk protocols across BMS deployments<\/a><\/p>\n<p><a href=\"https:\/\/industrialcyber.co\/threat-landscape\/claroty-team82-warns-of-growing-cybersecurity-risks-in-legacy-lontalk-protocols-across-bms-deployments\/\">https:\/\/industrialcyber.co\/threat-landscape\/claroty-team82-warns-of-growing-cybersecurity-risks-in-legacy-lontalk-protocols-across-bms-deployments\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-20 08:46:00<\/a><\/p>\n<p>Source Domain: <a href=\"industrialcyber.co\">industrialcyber.co<\/a><\/p>\n<p>Claroty\u2019s threat research team, Team82, has uncovered fresh cybersecurity concerns tied to the LonTalk protocol, a foundational communication standard used deep within many building management and automation systems. Originally developed in the 1990s for isolated, serial device networks, LonTalk still exists in legacy BMS (building management systems) deployments even as modern systems migrate toward IP\u2011based architectures. As these older protocols are exposed to enterprise networks and the internet without adequate protection, they introduce a broad attack surface that malicious actors can exploit, especially given documented and undocumented security gaps and the end of dedicated silicon support for core components.\u00a0<\/p>\n<p>Team82\u2019s analysis highlights how the persistence of LonTalk in critical infrastructure such as HVAC (heating, ventilation, and air conditioning), lighting, energy controls, and other facility systems is creating real risk as digital integration accelerates, demanding renewed attention to hardening legacy protocols in operational environments.<\/p>\n<p>\u201cThe LonTalk protocol is versatile, capable of operating over multiple physical topologies using media such as twisted pair wiring, power lines, and radio frequency,\u201d Amir Zaltzman, senior vulnerability researcher at Team82, wrote in the Thursday blog post. \u201cLater implementations standardized LonTalk over IP through the CEA-852 standard. Beyond data exchange, LonTalk provides network management and diagnostic services, enabling integrators to commission devices, assign addresses, monitor node status, and clear error logs directly through the protocol.\u201c<\/p>\n<p>The LonTalk protocol, developed in the early 1990s by Echelon Corp. of Massachusetts, was widely used for device-to-device communication in building automation and management systems, but it has largely been supplanted by the more modern and secure BACnet standard. Despite this, LonTalk remains embedded in many proprietary BMS&#8230;<\/p>\n<p><a href=\"https:\/\/industrialcyber.co\/threat-landscape\/claroty-team82-warns-of-growing-cybersecurity-risks-in-legacy-lontalk-protocols-across-bms-deployments\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Claroty Team82 warns of growing cybersecurity risks in legacy LonTalk protocols across BMS deployments https:\/\/industrialcyber.co\/threat-landscape\/claroty-team82-warns-of-growing-cybersecurity-risks-in-legacy-lontalk-protocols-across-bms-deployments\/&#8230;<\/p>\n","protected":false},"author":1,"featured_media":215626,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/industrialcyber.co\/wp-content\/uploads\/2026\/02\/2026.02.20-Claroty-Team82-warns-of-growing-cybersecurity-risks-in-legacy-LonTalk-protocols-across-BMS-deployments.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[57,27],"class_list":["post-215625","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215625"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=215625"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215625\/revisions"}],"predecessor-version":[{"id":215627,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215625\/revisions\/215627"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/215626"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=215625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=215625"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=215625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}