Sucuri company specialists found significnat vulnerabilities in Duplicate Page plugin. This plugin is installed and…
“Exploiting memory corruption vulnerabilities in CIS / MS allows an attacker to exploit these flaws to send commands to the much more sensitive components that control aircraft-critical safety systems, including engine, brakes, and sensors”, — Ruben Santamarta said.
Boeing categorically denies the possibility of such an attack and rejects the researcher’s claim about a potential attack vector. According to the company, additional security systems in CIS / MS do not allow exploiting the vulnerabilities presented.
Although Santamarta discovered the code in the public domain last year and acknowledges that he did not have complete information about aircraft systems, other avionics cybersecurity researchers agreed that the flaws found in the code constituted a neglect of cyber security by Boeing.
Read also: FBI warns that cybercriminals are looking for money laundering partners through dating sites
Santamarta also claims to have been able to spy on planes due to vulnerabilities in satellite communications equipment, such as antennas that send data to planes and modems inside the planes. All of them can be used remotely, without physical access to equipment.
“In our case, there was a configuration error that we corrected within two hours of notification last December. We have implemented additional layers of security to prevent similar actions”, — said Doug Murri, VP for operations at Global Eagle.
A spokesperson for Global Eagle also said that the company’s infotainment and Wi-Fi systems are separate from aircraft safety systems, indicating that there is no threat to the lives of passengers.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…