Vulnerabilities In Airline WiFi Devices Expose Passenger Data

Uploaded on 2022-10-11 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Two critical vulnerabilities have been detected in wireless devices LAN devices used in airline planes to provide Internet connectivity to passengers while in-flight. The faults were discovered by a pair of researchers at Necrum Security Labs.

The security researchers found that a hidden page not listed in the Wireless LAN manager allow attackers to execute Linux commands on the device with root privileges. The vulnerability is tracked as CVE-2022-36158. And a threat exists to other passengers or anyone connected to the WiFi network created on the vulnerable devices.

The flaws were discovered by Thomas Knudsen and Samy Younsi of Necrum Security Labs and affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec a Japan-based company that specialises in embedded computing, industrial automation, and IoT communication technology. "After performing reverse engineering of the firmware, we discovered that a hidden page not listed in the Wireless LAN Manager interface allows to execute Linux commands on the device with root privileges," wrote the security researchers in a statement referring to the vulnerability tracked CVE–2022–36158. "From here, we had access to all the system files but also be able to open the telnet port and have full access to the device."

The security researchers also found that one file contains the hash of two users, which the attackers were able to recover in just minutes via a brute-force attack.

The issue is that the device owner can only change the account user’s password from the web administration interface as the root account is reserved for Contec. Meaning that individuals who use WiFi on their devices while inflight could be vulnerable to the attack.

As for the second flaw, Necrum Security Labs said Contec should generate a different password for each device during the manufacturing process. 

These are hardly the first vulnerabilities discovered in wireless devices over the last few months. Recently, Rapid7 disclosed flaws in two medical devices produced by Baxter Healthcare, one of which was a WiFi Battery.

The US Cybersecurity and Infrastructure Security Agency (CISA) recently published an advisory describing vulnerabilities in a Contec medical device, but it has not released an advisory for the Flexlan issues. The affected devices are not used only in airplanes. Nihon Kohden, a Japanese manufacturer of medical electronic equipment, issued a statement recently to inform customers about these vulnerabilities, saying that it’s investigating the impact on its products and systems.

The researchers suggested removing the hidden engineering webpage from the devices in manufacturing to address the first vulnerability because the default password is so vulnerable. Experts say this weak default password makes it easy for attackers to inject a backdoor because of this URL.

Samy Younsi:    Nikon Kohden:  Spiceworks:    Infosecurity Magazine:     Oodaloop:    ITSecurity:    Cyber Daily:

You Might Also Read: 

In Britain 'Cyberflashing’ Is Now A Crime:

 

« Microsoft Warning - Windows Flaw Being Attacked
Hackers Have Exploited The Queen’s Death »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Zybert Computing

Zybert Computing

Zybert Computing provide server solutions with built-in security and information protection features for the SME market.

2|SEC Consulting (2-SEC)

2|SEC Consulting (2-SEC)

At 2|SEC Consulting, we deliver an end-to-end service of cyber and information security solutions which are tailored to each client’s exact security needs.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Protection Group International (PGI)

Protection Group International (PGI)

PGI helps organisations and governments to manage digital risk. From cyber security services to business intelligence, we help reduce the risks to your finances, reputation, assets and people.

Phew

Phew

Phew are New Zealand cyber security specialists with expertise and experience forged in global financial markets, IT&T, management consulting and SME business management.

Zivaro

Zivaro

Zivaro provides transformational consulting and technology services to help clients attain real business value from their technology investments.

iFluids Engineering

iFluids Engineering

iFluids Engineering is a leading engineering consulting and risk management firm providing a full range of services including Cyber Security for Industrial Control Systems.

Micro Strategies Inc.

Micro Strategies Inc.

Micro Strategies provides IT solutions that help businesses tackle digital transformation in style.

Conviso

Conviso

Conviso is a consulting company specialized in Application Security and Security Research.

DataDome

DataDome

DataDome offers real-time AI protection against all OWASP automated threats, including credential stuffing, layer 7 DDoS attacks, SQL injection & intensive scraping.

SAP National Security Services (NS2)

SAP National Security Services (NS2)

SAP NS2 are dedicated to delivering the best of SAP innovation, from cloud to predictive analytics; machine learning to data fusion.

ThreatModeler

ThreatModeler

ThreatModeler is an automated threat modeling solution that fortifies an enterprise’s Software Development Lifecycle by identifying, predicting and defining threats.

Silicon Cloud International

Silicon Cloud International

Silicon Cloud is a high performance and secure cloud computing platform for engineering and scientific applications.

Pacific Global Security Group

Pacific Global Security Group

Pacific Global Security Group offers an intelligence-driven focus on all aspects of cybersecurity for IT/ICS/OT.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.

CertX

CertX

CertX is a Swiss functional safety, cybersecurity and artificial intelligence certification body.