Onity, whose keycard locks can be found on at least four million rooms around the world, has a plan to fix a security flaw … the fix requires hardware changes to every affected lock.
Onity wants the hotels who already bought the company’s insecure product to pay for the fix
Source: Hotel Lock Firm’s Security Fix Requires Hardware Changes For Millions Of Keycard Locks – Forbes
To what extent are companies obliged to patch the security of their products, and at what point are they morally permitted to charge for further maintenance/modification?