2N® Access Commander version 3.4.2 (September 2025)
2N® Access Commander version 3.4 introduced a range of new features, detailed below. This subsequent 3.4.2 release adds support for 2N OS firmware 2.49, delivers minor text improvements, and resolves a few small issues.
This release includes security fixes and addresses concerns regarding the following user reported vulnerabilities.
- CVE-2025-59783 - improper input validation, could lead to command injection (requires authenticated administrator account).
- CVE-2025-59784 - improper sanitisation of application logs, risking malicious injections exploitable by downstream systems.
It is strongly recommended that all users upgrade to version 3.4.2 to ensure the security of their installation. As with all Access Commander upgrades, this release updates external dependencies critical for security.
IMPORTANT - Due to a redesign of the proxy server settings, upgrading to this version from 3.3.1 or lower will erase any existing configuration—administrators will need to re-enter the proxy details after the update.
New Features & Improvements:
2N Fortis electronic locks
This release supports 2N Fortis wireless electronic locks (handles and cylinders) in offline mode. Locks can be added to Access Commander and assigned to zones, similar to other access readers in the software. 2N Fortis locks adhere to the OSS Secure ID standard, where access rights are stored and encrypted on the card or fob (DESFire EV3) rather than the device itself. Due to the offline nature of these devices, active monitoring or control is not supported. In this version of Access Commander, a 2N intercom or 2N Access Unit is required for writing access rights to cards and must be part of the installation.
Proxy exceptions
2N Access Commander now supports more granular proxy configuration, allowing administrators to define proxy server exceptions (domains or addresses). This improvement simplifies network management in complex environments, ensuring external services can connect via network proxy while local devices can remain unaffected. This update addresses key customer requests and lays the foundation for future cloud-based functionality.
Extended visitor duration
Until now visitors in Access Commander were limited to a maximum visit of 30 days. From Access Commander 3.4 we are increasing this duration to a maximum of 90 days allowing temporary access that can span months. Ideal for customers integrating Access Commander with third-party systems that need support for longer visits.
Device types
We've added a new column to the device list page called 'Types'. It's now even easier to see which device is an intercom, Access Unit, answering unit or electronic lock. The list can be filtered based on the selected type.
New Devices
This release supports the new 2N IP Force 2.0 intercom the 2N Clip 2wire-IP answering unit, and of course, 2N Fortis electronic locks.
Additional Notes
IMPORTANT - For security reasons, this version of Access Commander is not compatible with 2N Intercoms and 2N Access Units running firmware version 2.37 or older. Access Commander will not manage devices with these firmware versions even if compatibility mode is enabled. Please ensure all devices are running firmware version 2.38 or newer before upgrading.
Required Device Firmware Versions for Full Feature Support
- 2N IP Intercoms: 2.49.x
- 2N Access Unit: 2.49.x
Minimum Supported Firmware Versions (Devices running firmware older than these versions will not sync with Access Commander)
- 2N IP Intercoms: 2.43.x
- 2N Access Unit: 2.43.x
- 2N Indoor Touch 2.0: 4.3.x (Devices running earlier versions will be disabled in Access Commander)
- 2N Indoor Touch 1.0 is not supported in Access Commander
API Changes
- [APIv3 Change Log] https://www.2n.com/-/media/Files/Web/downloads/diffv3_v3_3_v3_4