Key Security Improvements in 10.2
MyQ X 10.2 introduces significant security enhancements designed to strengthen protection against evolving cyber threats while maintaining operational efficiency. These improvements address critical vulnerabilities and implement modern security standards.
Enhanced TLS Security
Default TLS 1.2 Minimum Version: MyQ X 10.2 raises the default minimum TLS version from 1.1 to 1.2, with TLS 1.3 also supported. Deprecated SSL/TLS protocol versions and the weak cipher suites tied to them are no longer accepted.
Improved Certificate Validation: Stricter certificate validation rejects expired or improperly issued certificates, reducing exposure to man-in-the-middle attacks and related weaknesses. Root CA certificates held in the server's system certificate store are now trusted automatically.
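The two settings above (a TLS 1.2 floor and mandatory chain/hostname validation against the system trust store) can be expressed and checked with the Python standard library. The block below is an added example, not MyQ's own code; `build_client_context` and `probe_server` are names chosen for this example, and the contrast context is constructed only to show what the hardening check rejects.

```python
import ssl
import socket
from datetime import datetime, timezone


def build_client_context(cafile=None):
    """Client-side context with a TLS 1.2 floor (TLS 1.3 stays allowed) and
    mandatory chain + hostname validation. With cafile=None the operating
    system's trust store is loaded, which mirrors the 10.2 behaviour of
    trusting Root CAs from the system certificate store."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # rejects SSLv3, TLS 1.0 and TLS 1.1
    ctx.check_hostname = True                      # certificate must match the name we dial
    ctx.verify_mode = ssl.CERT_REQUIRED            # expired or untrusted chains abort the handshake
    return ctx


def permissive_client_context():
    """Constructed for contrast only: accepts any certificate from any issuer."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def context_is_hardened(ctx):
    """Configuration check a deployment test can run against any SSLContext."""
    return (ctx.minimum_version >= ssl.TLSVersion.TLSv1_2
            and ctx.verify_mode == ssl.CERT_REQUIRED
            and ctx.check_hostname)


def probe_server(host, port=443, timeout=5.0, cafile=None):
    """Handshake with a live server using the hardened context and report the
    negotiated protocol, cipher and leaf-certificate expiry (needs network)."""
    ctx = build_client_context(cafile)
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()
            not_after = datetime.fromtimestamp(
                ssl.cert_time_to_seconds(cert["notAfter"]), tz=timezone.utc)
            return {
                "protocol": tls.version(),       # e.g. "TLSv1.3"
                "cipher": tls.cipher()[0],
                "expires": not_after,
                "expired": not_after < datetime.now(timezone.utc),
            }
```

A server still offering only TLS 1.1, or presenting an expired or untrusted certificate, makes `probe_server` raise `ssl.SSLError` during the handshake rather than return a result, which is the behaviour a post-upgrade check wants to confirm.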
Authentication Security Enhancements
Enhanced Password and PIN Security: Stronger password hashing algorithms protect stored credentials. New PIN rules enforce a minimum length of 6 digits and reject easily guessable combinations such as "1234" or "1111".
Login Attempt Protection: The number of unsuccessful authentication attempts is now limited. By default, a client or device is blocked for 5 minutes after more than 5 invalid login attempts within 60 seconds; the time periods are configurable.
Improved Login Event Logging: Login events, and failed authentication attempts in particular, are now logged in more detail, making it easier for administrators to filter and monitor security events in MyQ Log.
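As an added example (not MyQ's implementation, whose hashing algorithm and exact PIN rules the page does not name), the block below enforces the stated 6-digit minimum and rejects the "1111"/"1234" style of PIN, then stores the accepted PIN as a salted PBKDF2-HMAC-SHA256 hash. The straight-sequence and repeated-block checks generalise the page's two examples and are this example's assumptions, as is the choice of PBKDF2 and its work factor.

```python
import hashlib
import hmac
import os

MIN_PIN_LENGTH = 6           # minimum length required by the 10.2 PIN rules
PBKDF2_ITERATIONS = 600_000  # OWASP-recommended work factor for PBKDF2-HMAC-SHA256 (assumed here)


def _is_sequential(pin):
    """True for straight runs such as 123456 or 654321
    (assumed rule: every step between digits is +1, or every step is -1)."""
    steps = {int(b) - int(a) for a, b in zip(pin, pin[1:])}
    return steps == {1} or steps == {-1}


def pin_rejection_reason(pin):
    """Return None if the PIN is acceptable, otherwise the rule it violates.
    The length rule and the "1111"/"1234" rejections come from the page;
    the remaining checks are this example's generalisation of them."""
    if not (pin.isascii() and pin.isdigit()):
        return "PIN must contain digits only"
    if len(pin) < MIN_PIN_LENGTH:
        return f"PIN must be at least {MIN_PIN_LENGTH} digits"
    if len(set(pin)) == 1:
        return "PIN must not repeat a single digit"
    if _is_sequential(pin):
        return "PIN must not be a straight ascending or descending sequence"
    half = len(pin) // 2
    if len(pin) % 2 == 0 and pin[:half] == pin[half:]:
        return "PIN must not repeat the same block twice"
    return None


def hash_pin(pin, iterations=PBKDF2_ITERATIONS):
    """Salted PBKDF2-HMAC-SHA256; the stored string carries its own parameters
    so the work factor can be raised later without breaking old records."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_pin(pin, stored):
    """Recompute with the stored salt and iterations; compare in constant time."""
    algorithm, iterations, salt_hex, dk_hex = stored.split("$")
    if algorithm != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", pin.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


def enrol_pin(pin):
    """Apply the policy first; only a compliant PIN is hashed for storage."""
    reason = pin_rejection_reason(pin)
    if reason is not None:
        raise ValueError(reason)
    return hash_pin(pin)
```

Note that "1234" fails the length rule before the sequence rule is reached, so the error the user sees names the minimum length; a 6-digit "123456" is caught by the sequence rule instead.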
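The lockout rule above (more than 5 failures within 60 seconds blocks the client for 5 minutes) and the log-filtering use case from the logging item can be exercised together. The block below is an added example, not MyQ's code: the log lines are constructed for this example and do not reproduce the real MyQ Log format, and `LoginLockout` is a sliding-window model of the stated default policy with both periods as parameters.

```python
import re
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (format assumed for this example; events are in time order).
SAMPLE_LOG = """\
2024-05-02 10:15:00 WARN Login failed user=alice client=10.0.0.7
2024-05-02 10:15:05 WARN Login failed user=alice client=10.0.0.7
2024-05-02 10:15:10 WARN Login failed user=alice client=10.0.0.7
2024-05-02 10:15:15 WARN Login failed user=alice client=10.0.0.7
2024-05-02 10:15:20 WARN Login failed user=alice client=10.0.0.7
2024-05-02 10:15:25 WARN Login failed user=alice client=10.0.0.7
2024-05-02 10:15:30 INFO Login succeeded user=alice client=10.0.0.7
2024-05-02 10:16:00 WARN Login failed user=bob client=10.0.0.9
2024-05-02 10:18:00 WARN Login failed user=bob client=10.0.0.9
2024-05-02 10:20:31 INFO Login succeeded user=alice client=10.0.0.7
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \w+ "
    r"Login (?P<result>failed|succeeded) user=(?P<user>\S+) client=(?P<client>\S+)$")


def parse_login_events(text):
    """Yield (timestamp, succeeded, user, client) for every login line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append((datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
                           m["result"] == "succeeded", m["user"], m["client"]))
    return events


def failed_attempts_by_client(events):
    """The filter an administrator would run first: failed logins per client address."""
    return Counter(client for _, ok, _, client in events if not ok)


class LoginLockout:
    """Sliding-window lockout: more than max_failures within `window` blocks the client for `block_for`."""

    def __init__(self, max_failures=5, window=timedelta(seconds=60), block_for=timedelta(minutes=5)):
        self.max_failures, self.window, self.block_for = max_failures, window, block_for
        self.failures = defaultdict(deque)   # client -> timestamps of recent failures
        self.blocked_until = {}              # client -> end of current block

    def attempt(self, client, ok, now):
        """Return 'blocked', 'ok', 'failed' or 'locked' (this failure triggered a block)."""
        until = self.blocked_until.get(client)
        if until is not None and now < until:
            return "blocked"                 # rejected before credentials are even checked
        if ok:
            self.failures.pop(client, None)  # a successful login clears the failure history
            return "ok"
        window = self.failures[client]
        window.append(now)
        while now - window[0] > self.window:  # drop failures older than the sliding window
            window.popleft()
        if len(window) > self.max_failures:
            self.blocked_until[client] = now + self.block_for
            window.clear()
            return "locked"
        return "failed"


def replay(text, lockout=None):
    """Run every login event through the policy and return (timestamp, client, outcome)."""
    lockout = lockout or LoginLockout()
    return [(ts, client, lockout.attempt(client, ok, ts))
            for ts, ok, _user, client in parse_login_events(text)]
```

In the sample, the sixth failure from 10.0.0.7 at 10:15:25 triggers the block, so the correct password presented at 10:15:30 is still rejected until 10:20:25; 10.0.0.9's two failures are two minutes apart and never accumulate inside the 60-second window.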
Database Security Upgrades
Firebird 4.0 Implementation: The upgrade to the Firebird 4.0 database engine brings enhanced security features and improved performance. Database passwords are now obfuscated in log files to prevent credential exposure.
Enhanced Data Protection: Access to sensitive data through custom reports and external reporting accounts is now restricted, preserving data confidentiality across the different access levels.
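Obfuscating database passwords before they reach a log file is a small but easily mishandled step. The block below is an added example of such a log sanitiser, not MyQ's code: it masks `password=`/`pwd=` style values and the userinfo part of connection URLs. The log lines and the `firebird://` URL form are constructed for the example; MyQ's real connection-string and log formats are not shown on the page.

```python
import re

MASK = "*****"

# key=value or key: value forms, with optional quoting (pattern assumed for this example)
KV_RE = re.compile(r"(?i)\b(password|passwd|pwd)(\s*[=:]\s*)(\"[^\"]*\"|'[^']*'|\S+)")
# scheme://user:secret@host  -> keep the user, mask the secret
URL_RE = re.compile(r"(?i)\b([a-z][a-z0-9+.-]*://[^/\s:@]+:)([^@\s/]+)(@)")


def redact(line, mask=MASK):
    """Return the log line with any database password replaced by `mask`."""
    line = KV_RE.sub(lambda m: f"{m.group(1)}{m.group(2)}{mask}", line)
    line = URL_RE.sub(lambda m: f"{m.group(1)}{mask}{m.group(3)}", line)
    return line


def redacted_lines(lines, mask=MASK):
    """Apply `redact` to every line; suitable as a filter in front of a log writer."""
    return [redact(line, mask) for line in lines]


# Constructed sample lines showing the forms the sanitiser handles.
SAMPLE_LINES = [
    "Connecting: host=db01 user=SYSDBA password=Secr3t! db=myq.fdb",
    'Retry with Password: "pass word" on db01',
    "DSN firebird://sysdba:masterkey@db01:3050/myq.fdb opened",
    "Schema check finished without errors",
]
```

The quoted form is matched before the unquoted one so a password containing spaces is masked whole; lines without credentials pass through unchanged, which the last sample line verifies.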
Vulnerability Resolution
Critical CVE Fixes: MyQ X 10.2 addresses multiple critical vulnerabilities including:
CVE-2024-28059: Unauthenticated Remote Code Execution vulnerability.
CVE-2024-22076: PHP Scripting security improvements.
CVE-2023-45853, CVE-2023-5678, CVE-2023-49316: Third-party component vulnerabilities.
Component Security Updates: Updated versions of critical components including OpenSSL 3.1.0, PHP 8.3.14, and Apache 2.4.57 address known security vulnerabilities.
API and Integration Security
REST API Restrictions: The REST API now limits the scopes granted to well-known clients and removes the ability to perform sensitive operations, such as changing a user's authentication server, strengthening API security.
PHP Scripting Controls: New Easy Config settings allow administrators to lock or unlock PHP scripting access; while locked, these settings are held in read-only mode.
Administrative Security
Enhanced Admin Account Security: The default admin password has been removed for new installations. Administrators can now disable admin accounts when they are not needed, encouraging the use of individual user accounts with appropriate rights rather than shared administrative accounts.
These security improvements demonstrate MyQ X's commitment to maintaining enterprise-grade security standards while addressing contemporary cybersecurity challenges. Regular security updates and proactive vulnerability management ensure organizations can deploy MyQ X with confidence in their security.