Vulnerabilities In Airline WiFi Devices Expose Passenger Data

Uploaded on 2022-10-11 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Two critical vulnerabilities have been detected in wireless devices LAN devices used in airline planes to provide Internet connectivity to passengers while in-flight. The faults were discovered by a pair of researchers at Necrum Security Labs.

The security researchers found that a hidden page not listed in the Wireless LAN manager allow attackers to execute Linux commands on the device with root privileges. The vulnerability is tracked as CVE-2022-36158. And a threat exists to other passengers or anyone connected to the WiFi network created on the vulnerable devices.

The flaws were discovered by Thomas Knudsen and Samy Younsi of Necrum Security Labs and affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec a Japan-based company that specialises in embedded computing, industrial automation, and IoT communication technology. "After performing reverse engineering of the firmware, we discovered that a hidden page not listed in the Wireless LAN Manager interface allows to execute Linux commands on the device with root privileges," wrote the security researchers in a statement referring to the vulnerability tracked CVE–2022–36158. "From here, we had access to all the system files but also be able to open the telnet port and have full access to the device."

The security researchers also found that one file contains the hash of two users, which the attackers were able to recover in just minutes via a brute-force attack.

The issue is that the device owner can only change the account user’s password from the web administration interface as the root account is reserved for Contec. Meaning that individuals who use WiFi on their devices while inflight could be vulnerable to the attack.

As for the second flaw, Necrum Security Labs said Contec should generate a different password for each device during the manufacturing process. 

These are hardly the first vulnerabilities discovered in wireless devices over the last few months. Recently, Rapid7 disclosed flaws in two medical devices produced by Baxter Healthcare, one of which was a WiFi Battery.

The US Cybersecurity and Infrastructure Security Agency (CISA) recently published an advisory describing vulnerabilities in a Contec medical device, but it has not released an advisory for the Flexlan issues. The affected devices are not used only in airplanes. Nihon Kohden, a Japanese manufacturer of medical electronic equipment, issued a statement recently to inform customers about these vulnerabilities, saying that it’s investigating the impact on its products and systems.

The researchers suggested removing the hidden engineering webpage from the devices in manufacturing to address the first vulnerability because the default password is so vulnerable. Experts say this weak default password makes it easy for attackers to inject a backdoor because of this URL.

Samy Younsi:    Nikon Kohden:  Spiceworks:    Infosecurity Magazine:     Oodaloop:    ITSecurity:    Cyber Daily:

You Might Also Read: 

In Britain 'Cyberflashing’ Is Now A Crime:

 

« Microsoft Warning - Windows Flaw Being Attacked
Hackers Have Exploited The Queen’s Death »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

AirCUVE

AirCUVE

AirCUVE provide authentication and access control solutions for networks and mobile security.

Lanner Electronics

Lanner Electronics

Lanner Electronics is a leading hardware provider for advanced network appliances and industrial automation solutions including cyber security.

ThreatSTOP

ThreatSTOP

ThreatSTOP is a cloud-based automated threat intelligence platform that converts the latest threat data into enforcement policies to stop attacks before they become breaches.

BigWeb Technologies

BigWeb Technologies

BigWeb Technologies is dedicated to provide its clients with ICT related services including Infrastructure Solutions, Consultancy and Security.

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID) is the first platform in Indonesia to collect and validate reports from hackers (referred to as Bug Hunter) regarding vulnerabilities that exist in an organization.

Swiss Cyber Institute (SCI)

Swiss Cyber Institute (SCI)

The Swiss Cyber Institute is a registered cyber security education provider by the State Secretariat for Education, Research, and Innovation SERI.

Sentrium Security

Sentrium Security

Sentrium is committed to helping organisations protect their technology, information and people. Our range of bespoke services provide solutions to tackle a broad range of cyber security challenges.

Cyber Insurance Academy

Cyber Insurance Academy

Cyber Insurance Academy was founded to provide insurance professionals with the knowledge needed to work in cyber-insurance and cyber-related insurance fields.

UK Cyber Cluster Collaboration (UKC3)

UK Cyber Cluster Collaboration (UKC3)

UKC3 has been launched to support Cyber Clusters and encourage greater collaboration across regions and nations of the UK.

Mayer Brown

Mayer Brown

Mayer Brown is a global law firm. We have deep experience in high-stakes litigation and complex transactions across industry sectors including the global financial services industry.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

Secfix

Secfix

Secfix helps companies get secure and compliant in weeks instead of months. We are on a mission to automate security and compliance for small and medium-sized businesses.

Xeol

Xeol

Software free of vulnerabilities, built and distributed by trusted entities. Our mission is to help customers secure their software from code to deploy.

IONIX

IONIX

IONIX (formerly Cyberpion) is the attack surface management solution that uses Connective Intelligence to shine a spotlight on exploitable risks across your supply chain.

HYCU

HYCU

HYCU was born of the need to simplify data protection and provide equivalent levels of backup and recovery support across on premises, public cloud, and SaaS workloads.

Affinity Technology Partners

Affinity Technology Partners

Affinity Technology Partners has been fueling the growth of Nashville, Tennessee businesses and nonprofits with reliable IT services since 2002.