Monday, April 15, 2024

Critical Flaws in Airplanes WiFi Access Point Let Attackers Gain Root Access

Two critical vulnerabilities have been found recently in the wireless LAN devices of Contec. These critical vulnerabilities were discovered by the cybersecurity analysts, Samy Younsi and Thomas Knudsen of Necrum Security Lab.

There are two models of the FLEXLAN FXA2000 and FXA3000 series from CONTEC which are primarily used in airplane installations as WiFi access points.

As a result, these devices offer extremely high-speed connectivity during flight trips for the following purposes:-

  • Movies
  • Musics
  • Buy foods
  • Buy goodies

Affected Products

Here below we have mentioned all the products that are affected:-

  • All Contec FLEXLAN FXA3000 Series devices from version 1.15.00 and under.
  • All Contec FLEXLAN FXA2000 Series devices from version 1.38.00 and under.

Vulnerabilities

The following are the two critical vulnerabilities that are highlighted below:-

An adversary can exploit these vulnerabilities to compromise all types of inflight entertainment systems, and also other aspects of the system.

While performing the reverse engineering of the firmware for the first vulnerability (CVE-2022–36158), researchers discovered the first vulnerability.

CVE-2022-36159 is the second vulnerability which involves the use of the following two elements:-

  • Weak cryptographic keys
  • Backdoor accounts

The CVE-2022–36158 vulnerability can be traced to a hidden page in WiFi LAN Manager, and it was not displayed as part of the dashboard interface.

The aim of this page is to make it easier for the user to execute Linux commands that have root privileges on the device. 

Once access to all the data on the device had been gained, the threat actors had the ability to open the telnet port in order to gain full control over it.

Recommendation

Here below we have mentioned the remedies for these two vulnerabilities:-

  • CVE-2022–36158 Remedy 

Since the default password for the hidden engineering web page is extremely weak, it needs to be removed from the devices that are in production. Through this website, an attacker could very easily be able to inject a backdoor onto the device as it has a very weak default password.

  • CVE-2022-36159 Remedy

For each device, a unique password needs to be generated. The passwords for each device must be generated randomly throughout the manufacturing process, and each password must be unique.

Download Free SWG – Secure Web Filtering – E-book

Website

Latest articles

Hacker Customize LockBit 3.0 Ransomware to Attack Orgs Worldwide

Cybersecurity researchers at Kaspersky have uncovered evidence that cybercriminal groups are customizing the virulent...

Microsoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE Attacks

A new remote code execution vulnerability has been identified to be affecting multiple Microsoft...

LightSpy Hackers Indian Apple Device Users to Steal Sensitive Data

The revival of the LightSpy malware campaign has been observed, focusing on Indian Apple...

LightSpy Malware Attacking Android and iOS Users

A new malware known as LightSpy has been targeting Android and iOS users.This sophisticated...

This Startup Aims To Simplify End-to-End Cybersecurity, So Anyone Can Do It

The Web3 movement is going from strength to strength with every day that passes....

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles