Saturday, June 15, 2024

141 Airlines Worldwide Affected by Biggest Security Vulnerability – Tens of Millions of Flight Travelers Affected

Researchers discovered a major security vulnerability in online flight ticket booking system that affected almost half of the fight travelers around the world.

The Vulnerability was discovered by Noam Rotem , an Isreal security researcher when he was trying to book a flight in ELAL Israel Airlines.

He uncovered this critical flaw in the widely used ticket booking system Amadeus that allows anyone to access and change private information on flight bookings for 141 airlines.

Amadeus referred as one of the largest reservation systems, serving for 141 airlines including world-leading airline customers of British Airways, Air France, Icelandair, Qantas etc.

This same vulnerability was discovered include 44% of the international carriers market including United Airlines, Lufthansa, Air Canada, and many more that affects tens of millions of travelers.

This could allows anyone can edit and change someone’s ticket reservation for any Airline which is used Amadeus reservation system by just having booking reference number.

Vulnerability in the Ticket Booking System

Researcher uncovered this vulnerability by analyse the link he received that associated with ticket booking system(PNR: https://fly.elal.co.il/LOTS-OF-NUMBERS-HERE.)

Here, by changing the RULE_SOURCE_1_ID, researchers access any customers PNR and access the customer name and associated flight details.

It was made the process easy to log into ELAL’s customer portal With the help of PNR and customer name and anyone could make changes..

“This control allows claim frequent flyer miles to a personal account, assign seats and meals, and update the customer’s email and phone number, which could then be used to cancel/change flight reservation via customer service”

Researchers from Safety Detective research lab execute a simple script that exposed the PNR numbers and was able to find active numbers in Amadeus.

Another non-threatening script proves that the system was vulnerable to brute-force attack due to lacking captchas and passwords protection security systems.

Amadeus replied, “At Amadeus, we give security the highest priority and are constantly monitoring and updating our systems. Our technical teams took immediate action and we can now confirm that the issue is solved. To further strengthen security, we have added a Recovery PTR to prevent a malicious user from accessing travelers’ personal information. We regret any inconvenience this situation might have caused.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Website

Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles