by jaywalk 1473 days ago
It's a vulnerability in the inside panel that was covered up by requiring the front panel to do more than it should. If the front panel were just a dumb I/O device, the inside panel could not have this specific vulnerability.

No, that's still wrong. The inside panel is the only thing doing any validation. The front panel more or less is dumb IO.

The vulnerability really is in the inside panel and changing the outside panel to just be a keypad wouldn't have prevented the mistake.

No, you're misunderstanding. The front panel is validating that the factory code is entered correctly before it allows the lock code to be reset. If the front panel were just dumb I/O, the inside panel would have to validate the factory code before allowing the lock code to be reset.