Terrifying bug let anyone add fake pilots to roster used at TSA checks

Terrifying bug let anyone add fake pilots to roster used at TSA checks

Briefly

The flaw in the third-party app for small airlines potentially allows malicious actors to bypass TSA security measures, raising grave concerns about airport safety.

Mail Onlinehttps://www.dailymail.co.uk/sciencetech/article-13830633/Terrifying-bug-let-add-fake-pilots-roster-used-TSA-checks.html

The vulnerability discovered by researchers Ian Carroll and Sam Curry showcased a significant risk, as it allowed anyone with basic SQL knowledge to access sensitive airline systems.

Mail Onlinehttps://www.dailymail.co.uk/sciencetech/article-13830633/Terrifying-bug-let-add-fake-pilots-roster-used-TSA-checks.html

Despite reporting the issue to the FAA and DHS last April, only the FAA has responded appropriately, while the TSA's statements about the vulnerability have been dangerously misleading.

Mail Onlinehttps://www.dailymail.co.uk/sciencetech/article-13830633/Terrifying-bug-let-add-fake-pilots-roster-used-TSA-checks.html

Carroll and Curry described SQL injection attacks as one of the most common methods used by hackers to manipulate web databases, indicating a significant threat to aviation security.

Mail Onlinehttps://www.dailymail.co.uk/sciencetech/article-13830633/Terrifying-bug-let-add-fake-pilots-roster-used-TSA-checks.html