A recent discovery by security researchers has revealed a critical vulnerability in the login systems used by the Transportation Security Administration (TSA) to verify airline crew members at airport security checkpoints. This vulnerability could potentially allow unauthorized individuals to add themselves to airline rosters and gain access to sensitive areas such as the cockpit of a commercial airplane.
Security researchers Ian Carroll and Sam Curry discovered the vulnerability while investigating the third-party website of a vendor called FlyCASS, which provides smaller airlines access to the TSA’s Known Crewmember (KCM) system and Cockpit Access Security System (CASS). By inserting a simple apostrophe into the username field, Carroll and Curry were able to trigger a MySQL error, indicating that the username was directly interpolated into the login SQL query. This vulnerability allowed them to conduct a SQL injection attack and gain unauthorized access to the system.
Once inside the system, Carroll and his team found that there was no further authentication process in place to prevent them from adding crew records and photos for any airline using FlyCASS. This means that unauthorized individuals could potentially create fake employee profiles and gain access to restricted areas within airports, posing a serious security threat to airline operations.
The implications of this vulnerability are significant, as it highlights the potential security risks associated with third-party vendors who have access to sensitive systems. If left unaddressed, this vulnerability could be exploited by malicious actors to compromise airline security and endanger the safety of passengers and crew members.
The discovery of this vulnerability in the TSA’s airline crew member system serves as a stark reminder of the importance of robust cybersecurity measures in protecting critical infrastructure. It is essential for organizations to regularly audit their systems for vulnerabilities and work closely with third-party vendors to ensure the security of sensitive data and systems. The TSA must act swiftly to address this vulnerability and implement additional security measures to prevent unauthorized access to airline systems.