SecuRam installs backdoor on ProLogic series safe locks
❗Article Status Notice: This Article is a stub
This article is underdeveloped, and needs additional work to meet the wiki's Content Guidelines and be in line with our Mission Statement for comprehensive coverage of consumer protection issues. Learn more ▼
Issues may include:
- This article needs to be expanded to provide meaningful information
- This article requires additional verifiable evidence to demonstrate systemic impact
- More documentation is needed to establish how this reflects broader consumer protection concerns
- The connection between individual incidents and company-wide practices needs to be better established
- The article is simply too short, and lacks sufficient content
How you can help:
- Add documented examples with verifiable sources
- Provide evidence of similar incidents affecting other consumers
- Include relevant company policies or communications that demonstrate systemic practices
- Link to credible reporting that covers these issues
- Flesh out the article with relevant information
This notice will be removed once the article is sufficiently developed. Once you believe the article is ready to have its notice removed, please visit the Moderator's noticeboard, or the Discord (join here) and post to the #appeals channel, or mention its status on the article's talk page.
Researchers found a way to open safes with SecuRam ProLogic safe locks without the passkey using backdoor codes installed by the manufacturer. [1][2] SecuRam offers no path for vulnerable customers to protect themselves. They have declined to offer a firmware patch, and have not yet released new ProLogic locks that are not vulnerable to this attack.[3][4]
Background
In 2023 news broke that Liberty Safe kept a master key for all safes that it sold.[5] Security researcher Mark Omo and James Rowley attempted to discover vulnerabilities involving this master key. They were unsuccessful, but did discover two techniques for opening safes sold by Liberty Safe that were equipped with SecuRam ProLogic series locks.[3]
Discovery
On August 8th, 2025 while on-stage at DEF CON[2][1] in Las Vegas, researchers Mark Omo and James Rowley demonstrated that SecuRam ProLogic safe locks can be opened by unauthorized users without the passkey using backdoors installed by the manufacturer. In the interest of public safety, they opted not to publicly reveal the techniques they discovered. They did however provide a live demonstration to journalist Andy Greenberg from WIRED.[3][4]
SecuRam's Response
SecuRam's CEO Chunlei Zhou responded to the discoveries by saying that the vulnerabilities were already known by industry professionals. Zhou also added that SecuRam will not provide updated firmware for vulnerable locks, but will be releasing new ProLogic safe locks that are not vulnerable to the aforementioned backdoors by end of year 2025.[3][4]
Consumer response
On August 8th, 2025 in response to SecuRam CEO Chunlei Zhou's statements, researchers Mark Omo and James Rowley rebutted by saying that the vulnerabilities were not previously known to the public. Liberty Safe has also responded to Zhou's statements, claiming that the vulnerabilities were previously unknown to them.[3][4]
References
- ↑ 1.0 1.1 Cash, Drugs, and Guns: Why Your Safes Aren't Safe - DEF CON talk abstract by Mark Omo and James Rowley (Archived)
- ↑ 2.0 2.1 DEF CON Presentation Slides by Mark Omo and James Rowley (Archived)
- ↑ 3.0 3.1 3.2 3.3 3.4 Greenberg, Andy (2025-08-08). "Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds". WIRED. Archived from the original on 8 Aug 2025.
- ↑ 4.0 4.1 4.2 4.3 "We Digitally Cracked A High-Security Safe | Hacklab | WIRED". Youtube. 2025-09-11. Archived from the original on 17 Feb 2026.
- ↑ Levenson, Michael (2023-09-08). "How a Company That Makes Gun Safes Angered Gun Owners". The New York Times. Archived from the original on 10 Sep 2025.