"Vulnerabilities in Aircraft Wireless Network Devices Expose Users to Hacking"

Thomas Knudsen and Samy Younsi of Necrum Security Labs discovered two vulnerabilities in Wireless Local Area Network (WLAN) devices commonly used on aircraft. The vulnerabilities were found in the FLEXLAN FXA2000 and FXA3000 series devices from CONTEC Co. Ltd., a Japanese electronics manufacturer. Exploitation of these flaws could allow an attacker to take control of the devices, which are mostly used in airplanes for Wi-Fi access. The first vulnerability, CVE-2022-36158, involves a hidden system command page that is not listed in the WLAN manager interface and that allows Linux commands to be executed on the device with root privileges. Through this vulnerability, the researchers were able to gain access to all system files as well as telnet access, giving them complete control over the device. The second vulnerability, CVE-2022-36159, involves weak hard-coded cryptographic keys and a backdoor account. The researchers discovered a file on the devices containing the hashed passwords of two users, which could be recovered through a brute-force attack. Although the owner can change the user password, the root account is likely reserved for CONTEC for maintenance purposes. An attacker with access to the root password would have complete control over the device. This article continues to discuss the potential exploitation and impact of the two vulnerabilities found in aircraft wireless network devices.

SiliconANGLE reports "Vulnerabilities in Aircraft Wireless Network Devices Expose Users to Hacking"

 

Submitted by Anonymous on