Sunday, November 10, 2024
HomeComputer Security141 Airlines Worldwide Affected by Biggest Security Vulnerability - Tens of Millions...

141 Airlines Worldwide Affected by Biggest Security Vulnerability – Tens of Millions of Flight Travelers Affected

Published on

Malware protection

Researchers discovered a major security vulnerability in online flight ticket booking system that affected almost half of the fight travelers around the world.

The Vulnerability was discovered by Noam Rotem , an Isreal security researcher when he was trying to book a flight in ELAL Israel Airlines.

He uncovered this critical flaw in the widely used ticket booking system Amadeus that allows anyone to access and change private information on flight bookings for 141 airlines.

- Advertisement - SIEM as a Service

Amadeus referred as one of the largest reservation systems, serving for 141 airlines including world-leading airline customers of British Airways, Air France, Icelandair, Qantas etc.

This same vulnerability was discovered include 44% of the international carriers market including United Airlines, Lufthansa, Air Canada, and many more that affects tens of millions of travelers.

This could allows anyone can edit and change someone’s ticket reservation for any Airline which is used Amadeus reservation system by just having booking reference number.

Vulnerability in the Ticket Booking System

Researcher uncovered this vulnerability by analyse the link he received that associated with ticket booking system(PNR: https://fly.elal.co.il/LOTS-OF-NUMBERS-HERE.)

Here, by changing the RULE_SOURCE_1_ID, researchers access any customers PNR and access the customer name and associated flight details.

It was made the process easy to log into ELAL’s customer portal With the help of PNR and customer name and anyone could make changes..

“This control allows claim frequent flyer miles to a personal account, assign seats and meals, and update the customer’s email and phone number, which could then be used to cancel/change flight reservation via customer service”

Researchers from Safety Detective research lab execute a simple script that exposed the PNR numbers and was able to find active numbers in Amadeus.

Another non-threatening script proves that the system was vulnerable to brute-force attack due to lacking captchas and passwords protection security systems.

Amadeus replied, “At Amadeus, we give security the highest priority and are constantly monitoring and updating our systems. Our technical teams took immediate action and we can now confirm that the issue is solved. To further strengthen security, we have added a Recovery PTR to prevent a malicious user from accessing travelers’ personal information. We regret any inconvenience this situation might have caused.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability...

Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information

A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP...

Cisco Flaw Let Attackers Run Command as Root User

A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects...

Researchers Detailed Credential Abuse Cycle

The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability...

Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information

A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP...

Cisco Flaw Let Attackers Run Command as Root User

A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects...