Sunday, December 3, 2023

Critical Flaws in Airplanes WiFi Access Point Let Attackers Gain Root Access

Two critical vulnerabilities have been found recently in the wireless LAN devices of Contec. These critical vulnerabilities were discovered by the cybersecurity analysts, Samy Younsi and Thomas Knudsen of Necrum Security Lab.

There are two models of the FLEXLAN FXA2000 and FXA3000 series from CONTEC which are primarily used in airplane installations as WiFi access points.

As a result, these devices offer extremely high-speed connectivity during flight trips for the following purposes:-

  • Movies
  • Musics
  • Buy foods
  • Buy goodies

Affected Products

Here below we have mentioned all the products that are affected:-

  • All Contec FLEXLAN FXA3000 Series devices from version 1.15.00 and under.
  • All Contec FLEXLAN FXA2000 Series devices from version 1.38.00 and under.


The following are the two critical vulnerabilities that are highlighted below:-

An adversary can exploit these vulnerabilities to compromise all types of inflight entertainment systems, and also other aspects of the system.

While performing the reverse engineering of the firmware for the first vulnerability (CVE-2022–36158), researchers discovered the first vulnerability.

CVE-2022-36159 is the second vulnerability which involves the use of the following two elements:-

  • Weak cryptographic keys
  • Backdoor accounts

The CVE-2022–36158 vulnerability can be traced to a hidden page in WiFi LAN Manager, and it was not displayed as part of the dashboard interface.

The aim of this page is to make it easier for the user to execute Linux commands that have root privileges on the device. 

Once access to all the data on the device had been gained, the threat actors had the ability to open the telnet port in order to gain full control over it.


Here below we have mentioned the remedies for these two vulnerabilities:-

  • CVE-2022–36158 Remedy 

Since the default password for the hidden engineering web page is extremely weak, it needs to be removed from the devices that are in production. Through this website, an attacker could very easily be able to inject a backdoor onto the device as it has a very weak default password.

  • CVE-2022-36159 Remedy

For each device, a unique password needs to be generated. The passwords for each device must be generated randomly throughout the manufacturing process, and each password must be unique.

Download Free SWG – Secure Web Filtering – E-book


Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles