The Dangerous Vulnerability in TSA’s Airline Crew Verification System

A worrying vulnerability has been uncovered by security researchers in the login systems used by the Transportation Security Administration (TSA) to verify airline crew members at airport security checkpoints. Researchers Ian Carroll and Sam Curry stumbled upon a flaw that could potentially allow unauthorized individuals to manipulate airline rosters and gain access to restricted areas within a commercial airplane.

The vulnerability, described as exploitable with a “basic knowledge of SQL injection,” was discovered while probing the website of a third-party vendor known as FlyCASS. By inserting a simple apostrophe into the username field, Carroll and Curry were able to trigger a MySQL error, indicating that the username was being inserted directly into the login SQL query. They then used sqlmap to exploit the flaw and gain administrative access to Air Transport International through the FlyCASS system.
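The root cause described above, a username spliced into the SQL text, is shown here next to the parameterized fix. This is an added example, not FlyCASS code: it uses an in-memory SQLite database as a stand-in for MySQL, and the table, function names and sample users are hypothetical, constructed values.

```python
import hashlib
import hmac
import sqlite3

SALT = b"constructed-demo-salt"  # constructed value; use a per-user random salt in practice


def _hash(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)


def make_db() -> sqlite3.Connection:
    """In-memory table with constructed sample users (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash BLOB)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("jsmith", _hash("correct horse")), ("o'brien", _hash("battery staple"))],
    )
    return db


def login_vulnerable(db, username: str, password: str) -> bool:
    # The username is concatenated into the SQL text, so a quote character
    # in it changes the statement's syntax instead of being treated as data.
    sql = "SELECT pw_hash FROM users WHERE username = '" + username + "'"
    row = db.execute(sql).fetchone()
    return row is not None and hmac.compare_digest(row[0], _hash(password))


def login_parameterized(db, username: str, password: str) -> bool:
    # The driver binds the value separately from the SQL text.
    row = db.execute(
        "SELECT pw_hash FROM users WHERE username = ?", (username,)
    ).fetchone()
    return row is not None and hmac.compare_digest(row[0], _hash(password))


def probe(login, db, username: str, password: str) -> str:
    """Return 'ok', 'denied' or 'sql-error' for one login attempt."""
    try:
        return "ok" if login(db, username, password) else "denied"
    except sqlite3.Error:
        return "sql-error"
```

With the concatenated query, even a legitimate username containing an apostrophe produces a database error, which is the same signal the researchers saw; with bound parameters the same input is just a string that either matches a row or does not.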

Once inside, Carroll notes that there were no additional checks or authentication processes in place to prevent them from adding and modifying crew records and photos for any airline utilizing the FlyCASS platform. This lack of security measures could potentially enable malicious actors to present fake employee numbers at Known Crewmember (KCM) security checkpoints and bypass rigorous security protocols put in place by the TSA.

Following the disclosure of this critical security flaw, the TSA press secretary has yet to release a statement addressing the issue. It remains unclear how long this vulnerability has been present in the airline crew verification system or if any unauthorized access has occurred as a result of this flaw. The TSA and related authorities must take swift action to address and rectify this vulnerability to prevent any further exploitation and ensure the safety of airline passengers and crew members alike.

The discovery of this vulnerability serves as a stark reminder of the importance of robust cybersecurity measures within critical infrastructure systems. The implications of such a flaw in the TSA’s airline crew verification system are concerning and highlight the need for continuous monitoring and assessment of potential vulnerabilities. It is imperative that security researchers and organizations collaborate to identify and mitigate such threats before they are exploited by malicious actors.
