Assa Abloy AB — Yale (B0:44:9C, MA-L)

The OUI B0:44:9C is registered to "Assa Abloy AB - Yale," the Yale brand division of ASSA ABLOY AB, the Swedish multinational that is the world's largest lock and physical-security manufacturer. The registry address is the company's Malmö office (Nordenskiöldsgatan 8B, SE 211 19), distinct from the ASSA ABLOY corporate HQ in Stockholm. Yale's connected hardware is where this prefix shows up in the wild: Wi-Fi- and Bluetooth-Low-Energy-enabled smart deadbolts (Yale Assure Lock 2, Yale Conexis L1), RFID/credential readers, intruder alarms, and commercial access-control gear. Depending on SKU, those devices speak Bluetooth LE, 2.4 GHz/5 GHz Wi-Fi, Z-Wave, Zigbee, Thread, and Matter, and integrate with Alexa, Apple HomeKit, Google Home, SmartThings, and Ring. The security caveat for anyone classifying these on a network: Yale/ASSA ABLOY locks carry several published CVEs centred on BLE credential sniffing/replay and weak RFID encryption — CVE-2019-17627 (Yale ZEN-R / Bluetooth Key app, BLE key recovery), CVE-2023-26941 (Conexis L1 RFID tag cloning), and the related CVE-2023-26942/26943 (IA-210 alarm and Keyless Smart Lock) — all responsibly disclosed and patched, with no known active exploit kits at time of research. Note the corporate-structure wrinkle: Yale's US/Canada residential business was sold to Fortune Brands Innovations in July 2023, but the OUI registration remains under ASSA ABLOY. As with all MA-L assignments, IEEE publishes no registration date for this block.

IEEE assignment

B0:44:9C → "Assa Abloy AB - Yale", Malmö, SE [Confirmed] — enrichment/registries/oui.csv line 31896 (IEEE-sourced)

Registry / block size

MA-L (24-bit OUI; up to ~16.7M addresses) [Confirmed] — enrichment/registries/oui.csv line 31896

Organization name

Assa Abloy AB - Yale (Yale brand division of ASSA ABLOY AB) [Confirmed] — enrichment/registries/oui.csv line 31896

Registered address

Nordenskiöldsgatan 8B (5tr), Malmö, SE 211 19 [Confirmed] — enrichment/registries/oui.csv line 31896

Country

SE (Sweden) [Confirmed] — enrichment/registries/oui.csv line 31896

Assignment / registration date

null — IEEE publishes no registration date for MA-L OUI assignments; any third-party "date registered" is a database artifact, not an IEEE fact [Confirmed] — https://standards.ieee.org/products-programs/regauth/mac/

Parent / company

ASSA ABLOY AB (Swedish multinational, corporate HQ Stockholm); Yale is its lock/physical-security brand. US/Canada residential Yale operations sold to Fortune Brands Innovations July 2023; OUI remains under ASSA ABLOY [Confirmed] — https://en.wikipedia.org/wiki/Yale_(company), https://en.wikipedia.org/wiki/Assa_Abloy

Device types

smart deadbolts / smart locks (Yale Assure Lock 2, Yale Conexis L1), RFID/credential readers, intruder alarms, commercial access-control hardware [Confirmed] — https://shopyalehome.com/pages/yale-assure-lock-2, https://www.accentra-assaabloy.com/en

Connectivity

Bluetooth LE, Wi-Fi (2.4 GHz / 5 GHz), Z-Wave, Zigbee, Thread, Matter (per SKU) [Confirmed] — https://www.businesswire.com/news/home/20220922005277/en/Yale-Home-Launches-Yale-Assure-Lock%C2%AE-2-Reimagined-Smart-Lock-Collection-with-More-Smart-Capabilities-and-a-Fresh-Aesthetic

Market segments

residential consumer smart locks, commercial/enterprise access control, multi-family property management, hospitality; integrates with Alexa, Apple HomeKit, Google Home, SmartThings, Ring [Confirmed] — https://www.businesswire.com/news/home/20220922005277/en/Yale-Home-Launches-Yale-Assure-Lock%C2%AE-2-Reimagined-Smart-Lock-Collection-with-More-Smart-Capabilities-and-a-Fresh-Aesthetic

Security context

published CVEs on Yale/ASSA ABLOY locks — CVE-2019-17627 (BLE key recovery, Yale ZEN-R / Bluetooth Key app, CVSS 6.5, CWE-287); CVE-2023-26941 (Conexis L1 RFID tag cloning, CVSS 6.5, CWE-326); CVE-2023-26942 / CVE-2023-26943 (IA-210 alarm, Keyless Smart Lock). Common surface: BLE credential sniffing/replay + weak RFID encryption. All responsibly disclosed and patched; no known active exploit kits at time of research [Confirmed] — https://nvd.nist.gov/vuln/detail/CVE-2019-17627, https://nvd.nist.gov/vuln/detail/CVE-2023-26941, https://arxiv.org/abs/2312.00021

Website

https://www.assaabloy.com (global parent); https://shopyalehome.com (Yale Home residential US); https://www.accentra-assaabloy.com (Yale Commercial / ASSA ABLOY Accentra) [Confirmed] — https://www.assaabloy.com/nz/en/solutions/products/door-hardware/smart-digital-locks/smart-locks

Analyst note

a B0:44:9C address reliably flags Yale/ASSA ABLOY smart-lock hardware; treat such devices as IoT/physical-access endpoints and segment accordingly given the BLE/RFID CVE history. No globally-administered randomization concern at the OUI level, but BLE pairing is the documented attack surface.