A recent discovery by security researchers revealed a critical vulnerability in the login systems used by the Transportation Security Administration (TSA) to verify airline crew members at airport security checkpoints. The bug allowed individuals with just a basic knowledge of SQL injection to potentially add themselves to airline rosters, bypass security measures, and gain access to the cockpit of a commercial airplane.
The Discovery
Researchers Ian Carroll and Sam Curry uncovered the vulnerability while investigating the third-party website of a vendor called FlyCASS, which provides smaller airlines access to the TSA’s Known Crewmember (KCM) system and Cockpit Access Security System (CASS). By inserting a simple apostrophe into the username field, they triggered a MySQL error, indicating that the username was directly incorporated into the login SQL query. This allowed them to exploit the SQL injection flaw using tools like sqlmap and gain unauthorized access to FlyCASS as an administrator of Air Transport International.
Once inside the system, Carroll noted that there were no additional checks or authentication procedures in place to prevent them from adding crew records and photos for any airline utilizing FlyCASS. This meant that anyone exploiting the vulnerability could potentially present a fake employee number to pass through a KCM security checkpoint undetected.
The implications of such a security flaw are severe and far-reaching. Unauthorized access to airline crew systems poses a significant risk to aviation security, allowing malicious actors to infiltrate restricted areas of an airport and potentially compromise the safety of passengers and crew members. The ability to manipulate crew records and bypass security checks highlights the urgent need for robust cybersecurity measures in the aviation industry.
Recommendations and Remediation
In light of this discovery, it is imperative for the TSA and airlines to conduct a thorough review of their security protocols and systems to identify and address any vulnerabilities that could be exploited by hackers. Implementing strong authentication mechanisms, regularly updating software and conducting comprehensive security audits are essential steps to mitigate the risk of unauthorized access and data breaches.
The security vulnerability in TSA airline crew systems underscores the importance of staying vigilant and proactive in the face of evolving cyber threats. By taking proactive measures to enhance cybersecurity practices and address critical vulnerabilities, the aviation industry can better safeguard against unauthorized access and protect the integrity of airline operations.
Leave a Reply