SQL Injection Assault on Airport Safety
Attention-grabbing vulnerability:
…a particular lane at airport safety referred to as Recognized Crewmember (KCM). KCM is a TSA program that permits pilots and flight attendants to bypass safety screening, even when flying on home private journeys.
The KCM course of is pretty easy: the worker makes use of the devoted lane and presents their KCM barcode or supplies the TSA agent their worker quantity and airline. Numerous types of ID must be introduced whereas the TSA agent’s laptop computer verifies the employment standing with the airline. If profitable, the worker can entry the sterile space with none screening in any respect.
An identical system additionally exists for cockpit entry, referred to as the Cockpit Entry Safety System (CASS). Most plane have not less than one jumpseat contained in the cockpit sitting behind the flying pilots. When pilots have to commute or journey, it’s not all the time doable for them to occupy a income seat, so a jumpseat can be utilized as an alternative. CASS permits the gate agent of a flight to confirm that the jumpseater is a certified pilot. The gate agent can then inform the crew of the flight that the jumpseater was authenticated by CASS.
[attack details omitted]
At this level, we realized we had found a really major problem. Anybody with primary information of SQL injection may login to this website and add anybody they wished to KCM and CASS, permitting themselves to each skip safety screening after which entry the cockpits of business airliners.
We ended up discovering a number of extra severe points however started the disclosure course of instantly after discovering the primary difficulty.
Posted on September 2, 2024 at 7:07 AM •
4 Feedback
Sidebar photograph of Bruce Schneier by Joe MacInnis.
