Vulnerabilities In Airline WiFi Devices Expose Passenger Data

Uploaded on 2022-10-11 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Two critical vulnerabilities have been detected in wireless devices LAN devices used in airline planes to provide Internet connectivity to passengers while in-flight. The faults were discovered by a pair of researchers at Necrum Security Labs.

The security researchers found that a hidden page not listed in the Wireless LAN manager allow attackers to execute Linux commands on the device with root privileges. The vulnerability is tracked as CVE-2022-36158. And a threat exists to other passengers or anyone connected to the WiFi network created on the vulnerable devices.

The flaws were discovered by Thomas Knudsen and Samy Younsi of Necrum Security Labs and affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec a Japan-based company that specialises in embedded computing, industrial automation, and IoT communication technology. "After performing reverse engineering of the firmware, we discovered that a hidden page not listed in the Wireless LAN Manager interface allows to execute Linux commands on the device with root privileges," wrote the security researchers in a statement referring to the vulnerability tracked CVE–2022–36158. "From here, we had access to all the system files but also be able to open the telnet port and have full access to the device."

The security researchers also found that one file contains the hash of two users, which the attackers were able to recover in just minutes via a brute-force attack.

The issue is that the device owner can only change the account user’s password from the web administration interface as the root account is reserved for Contec. Meaning that individuals who use WiFi on their devices while inflight could be vulnerable to the attack.

As for the second flaw, Necrum Security Labs said Contec should generate a different password for each device during the manufacturing process. 

These are hardly the first vulnerabilities discovered in wireless devices over the last few months. Recently, Rapid7 disclosed flaws in two medical devices produced by Baxter Healthcare, one of which was a WiFi Battery.

The US Cybersecurity and Infrastructure Security Agency (CISA) recently published an advisory describing vulnerabilities in a Contec medical device, but it has not released an advisory for the Flexlan issues. The affected devices are not used only in airplanes. Nihon Kohden, a Japanese manufacturer of medical electronic equipment, issued a statement recently to inform customers about these vulnerabilities, saying that it’s investigating the impact on its products and systems.

The researchers suggested removing the hidden engineering webpage from the devices in manufacturing to address the first vulnerability because the default password is so vulnerable. Experts say this weak default password makes it easy for attackers to inject a backdoor because of this URL.

Samy Younsi:    Nikon Kohden:  Spiceworks:    Infosecurity Magazine:     Oodaloop:    ITSecurity:    Cyber Daily:

You Might Also Read: 

In Britain 'Cyberflashing’ Is Now A Crime:

 

« Microsoft Warning - Windows Flaw Being Attacked
Hackers Have Exploited The Queen’s Death »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Fieldfisher

Fieldfisher

Fieldfisher's Technology, Outsourcing & Privacy Group has class-leading expertise in privacy, data & cybersecurity, digital media, big data, the cloud, mobile payments and mobile apps.

PFP Cybersecurity

PFP Cybersecurity

PFP provides a SaaS solution for life-cycle protection based on our IoT security platform and power usage analytics.

DataVisor

DataVisor

DataVisor is a big data fraud detection and anti-money laundering solution.

CyberPilot

CyberPilot

CyberPilot ApS is a Danish cybersecurity company. We work with all types of companies and organisations, both large and small, who want to achieve effective cybersecurity.

CybergymIEC

CybergymIEC

CybergymIEC is a global leader in cyber defense solutions and training services.

BlueKrypt

BlueKrypt

BlueKrypt is a consulting firm for the security of IT systems and their management.

Telelogos

Telelogos

Telelogos is a European provider of Enterprise Mobility Management software, Digital Signage software and Data Transfer and Synchronization software.

Blancco Technology Group

Blancco Technology Group

Blancco Technology Group is a leading global provider of mobile device diagnostics and secure data erasure solutions.

InterVision

InterVision

InterVision is a leading Strategic Services Provider, assisting businesses in driving value and gaining a competitive edge by helping IT Leaders solve the most crucial challenges they face.

Utility Cyber Security Forum

Utility Cyber Security Forum

The Utility Cyber Security Forum offers a focused venue in which utility executives can network one-on-one with colleagues facing issues in protecting against cyber attacks.

Huntress Labs

Huntress Labs

Huntress provides managed threat detection and response services to uncover and address malicious footholds that slip past your preventive defenses.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.

AdaCore

AdaCore

AdaCore is focused on helping developers build safe, secure and reliable software.

Rayzone Group

Rayzone Group

Rayzone Group offers a wide range of Cyber Security solutions and services, providing hollistic protection suitable for both enterprises and National cyber security centers.

Wavenet

Wavenet

Wavenet has grown from simple beginnings to become one of the UK’s market leaders in unified communications, business telephony, and Cyber Security solutions.

ITUS Secure Technologies

ITUS Secure Technologies

ITUS offer fully outsourced cybersecurity solutions working with leading security vendors, providing next-gen solutions.