Vulnerabilities In Airline WiFi Devices Expose Passenger Data

Uploaded on 2022-10-11 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Two critical vulnerabilities have been detected in wireless devices LAN devices used in airline planes to provide Internet connectivity to passengers while in-flight. The faults were discovered by a pair of researchers at Necrum Security Labs.

The security researchers found that a hidden page not listed in the Wireless LAN manager allow attackers to execute Linux commands on the device with root privileges. The vulnerability is tracked as CVE-2022-36158. And a threat exists to other passengers or anyone connected to the WiFi network created on the vulnerable devices.

The flaws were discovered by Thomas Knudsen and Samy Younsi of Necrum Security Labs and affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec a Japan-based company that specialises in embedded computing, industrial automation, and IoT communication technology. "After performing reverse engineering of the firmware, we discovered that a hidden page not listed in the Wireless LAN Manager interface allows to execute Linux commands on the device with root privileges," wrote the security researchers in a statement referring to the vulnerability tracked CVE–2022–36158. "From here, we had access to all the system files but also be able to open the telnet port and have full access to the device."

The security researchers also found that one file contains the hash of two users, which the attackers were able to recover in just minutes via a brute-force attack.

The issue is that the device owner can only change the account user’s password from the web administration interface as the root account is reserved for Contec. Meaning that individuals who use WiFi on their devices while inflight could be vulnerable to the attack.

As for the second flaw, Necrum Security Labs said Contec should generate a different password for each device during the manufacturing process. 

These are hardly the first vulnerabilities discovered in wireless devices over the last few months. Recently, Rapid7 disclosed flaws in two medical devices produced by Baxter Healthcare, one of which was a WiFi Battery.

The US Cybersecurity and Infrastructure Security Agency (CISA) recently published an advisory describing vulnerabilities in a Contec medical device, but it has not released an advisory for the Flexlan issues. The affected devices are not used only in airplanes. Nihon Kohden, a Japanese manufacturer of medical electronic equipment, issued a statement recently to inform customers about these vulnerabilities, saying that it’s investigating the impact on its products and systems.

The researchers suggested removing the hidden engineering webpage from the devices in manufacturing to address the first vulnerability because the default password is so vulnerable. Experts say this weak default password makes it easy for attackers to inject a backdoor because of this URL.

Samy Younsi:    Nikon Kohden:  Spiceworks:    Infosecurity Magazine:     Oodaloop:    ITSecurity:    Cyber Daily:

You Might Also Read: 

In Britain 'Cyberflashing’ Is Now A Crime:

 

« Microsoft Warning - Windows Flaw Being Attacked
Hackers Have Exploited The Queen’s Death »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

APMG International (APM Group)

APMG International (APM Group)

APM Group is a global accreditation, certification and examination body specializing in certification schemes for individuals, organizations and software.

ZM CIRT

ZM CIRT

ZM CIRT is the national Computer Incident Response Team for Zambia.

Sift

Sift

The Sift Digital Trust Platform protects your business and customers from all vectors of fraud and abuse through our Live Machine Learning, global trust network and automation technologies.

Atempo

Atempo

Atempo is a leading independent European-based software vendor with a global presence. We provide solutions to protect, store, move and recover all your data.

Secudos

Secudos

SECUDOS is an innovative appliance technology and services provider focused on IT security and compliance.

Real Random

Real Random

Real Random is on a mission to enhance existing and new crypto-systems with its revolutionary solution to generating numbers that are Truly Random.

Smart Contract Security Alliance

Smart Contract Security Alliance

The Smart Contract Security Alliance supports the blockchain ecosystem by building standards for smart contract security and smart contract audits.

ZecOps

ZecOps

ZecOps is a cybersecurity automation company offering solutions for servers, endpoints, mobile devices, and custom devices.

Sayata Labs

Sayata Labs

Sayata delivers a streamlined solution for processing cyber policies. Increase profitability with an easy and intuitive platform.

Keeper Security

Keeper Security

Keeper is a leading enterprise password manager and cybersecurity platform for preventing password-related data breaches and cyberthreats.

Onevinn

Onevinn

Onevinn's goal is to create a transparent, cost-effective security that is noticed as little as possible by the users. We simply call it "intelligent security."

Anvilogic

Anvilogic

Anvilogic provides a unifying experience for security professionals aimed at providing improved visibility, enrichment, and context across hundreds of alerting datasets and security tools.

Pristine InfoSolutions

Pristine InfoSolutions

Pristine InfoSolutions is a global IT services and Information Security Company focused on delivering smart, next-generation business solutions.

RMC

RMC

RMC was purpose-built for Mission Assurance and ICS/OT cybersecurity, dedicated to strengthening and protecting government and commercial assets.

InfoSec4TC

InfoSec4TC

InfoSec4tc is an online Information Security Courses, Training, and Consultancy provider.

Bluerydge

Bluerydge

Bluerydge specialises in cyber security and technology, focusing on the delivery of innovative sovereign solutions through trusted, cleared and experienced professionals.