Researchers and the TSA have different views on the impact of vulnerabilities in an airport security application that could allegedly allow the bypass of certain airport security systems.
September 6, 2024 By Eduard Kovacs
The cybersecurity agency CISA has issued a response following the disclosure of a controversial vulnerability in an application related to airport security systems.
In late August, researchers Ian Carroll and Sam Curry disclosed the details of an SQL injection vulnerability that could allegedly allow threat actors to bypass certain airport security systems.
The security hole was discovered in FlyCASS, a third-party service for airlines participating in the Cockpit Access Security System (CASS) and Known Crewmember (KCM) programs.