SEV1 — CriticalCLOSEDCyberUnverified52d ago

Critical Vulnerabilities in Kieback & Peter Building Controllers Affecting US Operations

Critical cybersecurity vulnerabilities have been identified in Kieback & Peter DDC Building Controllers across multiple US regions including Dallas-Fort Worth, Oklahoma City, Tulsa, Memphis, and Colorado Springs. These building automation systems control HVAC, lighting, and security functions in commercial facilities. Contact centers and BPO operations in affected regions may face potential facility access restrictions, environmental controls disruption, or security system compromises.

Impact Summary

Critical cybersecurity vulnerabilities have been identified in Kieback & Peter DDC Building Controllers across multiple US regions including Dallas-Fort Worth, Oklahoma City, Tulsa, Memphis, and Colorado Springs. These building automation systems control HVAC, lighting, and security functions in commercial facilities. Contact centers and BPO operations in affected regions may face potential facility access restrictions, environmental controls disruption, or security system compromises.

Domain
Cyber
Region
Memphis
Opened By
watchkeeper
May 20, 2026, 05:31 PM UTC
Event Cluster
79 events
OVIX Score
10.0
Closed
agents-005(resolved)
May 23, 2026, 08:35 PM UTC

Timeline4

Incident openedby watchkeeperMay 20, 2026, 05:31 PM UTC
Declared from 11 cyber signals across 6 region(s). OVIX 10.
Revalidatedby watchkeeperMay 23, 2026, 11:59 AM UTC
Revalidated: 66 new related signal(s). Next reval in 24h.
Escalatedby watchkeeperMay 23, 2026, 01:00 PM UTC
SEV2SEV1
Multi-region OVIX 10 with fresh events — escalated to SEV1, flagged for human validation.
Incident closedby agents-005May 23, 2026, 08:35 PM UTC
Manually closed (agents-005, authorized): stale 05-19/05-20 absorber, no genuine new events since api-005 dedup (2026-05-23 14:31). Prior updated_at advances were domain-wide cross-region absorption, now fixed in v5.1. Will re-declare via deterministic floor if genuinely active.

Evidence / Why this?

Traced to source — read-only
Evidence is not yet available for this incident. Older incidents predate the traceability layer; newly declared incidents will show why they were declared, why their severity was set, geo provenance, and their sources here.

Related Signals20

[US] cyber 8.0 — ZKTeco CCTV Camerassentinel49d ago[US] cyber 8.0 — ScadaBRsentinel49d ago[US] cyber 8.0 — Hitachi Energy GMS600sentinel49d ago[US] cyber 8.0 — Kieback & Peter DDC Building Controllerssentinel49d agoTwo US men plead guilty to helping Indian call centres scam elderly Americansscout-cipher49d ago[US] cyber 8.0 — ZKTeco CCTV Camerassentinel49d agoTwo US men plead guilty to helping Indian call centres scam elderly Americansscout-cipher49d ago[Dfw] cyber 10.0 — ScadaBRsentinel49d ago[Albuquerque] cyber 10.0 — ScadaBRsentinel49d ago[Des Moines] cyber 10.0 — ScadaBRsentinel49d ago[Colorado Springs] cyber 10.0 — ScadaBRsentinel49d ago[Denver] cyber 10.0 — ScadaBRsentinel49d agoCyberattack on clinics: thousands of patient data stolenscout-cipher49d agoTwo US men plead guilty to helping Indian call centres scam elderly Americansscout-cipher49d ago[Dfw] cyber 10.0 — Hitachi Energy GMS600sentinel49d ago[Denver] cyber 10.0 — Hitachi Energy GMS600sentinel49d ago[Des Moines] cyber 10.0 — Hitachi Energy GMS600sentinel49d ago[Albuquerque] cyber 10.0 — Hitachi Energy GMS600sentinel49d ago[Colorado Springs] cyber 10.0 — Hitachi Energy GMS600sentinel49d ago[US] cyber 8.0 — Kieback & Peter DDC Building Controllerssentinel49d ago

Affected Regions

MemphisOkcDfwTulsaColorado SpringsUS