Re: There is a reasonable process....
All well and good, until you set yourself up in the business of providing (and promising) security beyond that offered by a decent mechanical locking mechanism, and then utterly failing to deliver on that promise.
IIRC Cybelock's claim was that their electronic "enhancements" EXTENDED and COMPLEMENTED that mechanical security, when in fact it did the exact opposite, by coupling a proprietary (and seriously flawed) security algorithm, with a single (lock) pin pattern deployed enterprise wide. (Might as well be a wardrobe key or bent piece of wire at that point.)
If the highest possible (root level) access can be extrapolated from a guest access key then there is a serious fornicating problem with the implementation, which needs to be addressed right now. Right now as in, sending out a bunch of "We screwed the pooch and you need to change your locks now and send us the bill." letters immediately.
Cyberlock's customers might deserve a certain grace period in which to find a solution to a problem not of their making. Cyberlock deserves nothing but a kick in the corporate teeth.
Strikes me the solution when something like this happens is for a duly appointed entity to step in immediately and notify ALL affected customers. AND for the responsible company to be stripped of limited liability status, and given the choice of providing an IMMEDIATE fix, even if that means deploying a competitors product at their own expense, or the principal stakeholders facing those they've wronged in the courts with ALL OF THEIR ASSETS up for grabs.
Biting the hand that feeds IT
