One Article Review
| Source |  Cyble |
|---|---|
| Identifiant | 8642105 |
| Date de publication | 2025-01-23 12:43:04 (vue: 2025-01-24 16:05:22) |
| Titre | Aircraft Collision Avoidance Systems Hit by High-Severity ICS Vulnerability |
| Texte | >
Overview
A pair of vulnerabilities in the Traffic Alert and Collision Avoidance System (TCAS) II for avoiding midair collisions were among 20 vulnerabilities reported by Cyble in its weekly Industrial Control System (ICS) Vulnerability Intelligence Report.
The midair collision system flaws have been judged at low risk of being exploited, but one of the vulnerabilities does not presently have a fix. They could potentially be exploited from adjacent networks.
Other ICS vulnerabilities covered in the January 15-21 Cyble report to subscribers include flaws in critical manufacturing, energy and other critical infrastructure systems. The full report is available for subscribers, but Cyble is publishing information on the TCAS vulnerabilities in the public interest.
TCAS II Vulnerabilities
The TCAS II vulnerabilities were reported to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) by European researchers and defense agencies. CISA in turn disclosed the vulnerabilities in a January 21 advisory.
The vulnerabilities are still undergoing analysis by NIST, but Cyble vulnerability researchers said the weaknesses “underscore the urgent need for enhanced input validation and secure configuration controls in transportation systems.”
TCAS airborne devices function independently of ground-based air traffic control (ATC) systems, according to the FAA, and provide collision avoidance protection for a range of aircraft types. TCAS II is a more advanced system for commercial aircraft with more than 30 seats or a maximum takeoff weight of more than 33,000 pounds. TCAS II offers advanced features such as recommended escape maneuvers for avoiding midair collisions.
The first vulnerability, CVE-2024-9310, is an “Untrusted Inputs” vulnerability in TCAS II that presently carries a CVSS 3.1 base score of 6.1.
CISA notes that “By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals with spoofed location data can be transmitted to aircraft targets. This can lead to the appearance of fake aircraft on displays and potentially trigger undesired Resolution Advisories (RAs).”
The second flaw, CVE-2024-11166, is an 8.2-severity External Control of System or Configuration Setting vulnerability. TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F could be attacked by threat actors impersonating a ground station to issue a Comm- |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 000 11166 181f 2024 9310 acas access according across activity actors adapt adding additional adjacent administration adopting advanced advisories advisory against agencies agency air airborne aircraft alert alerts all along among analysis an incident appearance applying approach are assessment assessments assets associated atc attacked attacker authentication automating available aviation avoidance avoiding a zero base based been being better bodies but by cyble by threat can carries cause caused cisa click here collision collisions comm commercial complex compliant comply comprehensive compromise concluded conclusion condition conditions conducting configuration consistency consulting control controls correlation could covered covers critical currently custom cve cvss cyber cybersecurity cyble damage danger data day defense defined denial deployment details developing devices disable disclosed displays disrupt does earlier effective efficiency employee employees energy enhanced ensuring environment environments escape especially established establishing european exploit exploitation exploited exposure external faa fake features federal findings first fix flaw flaws focus follow following from full fully function gaps goal good ground has have help high hit hygiene ics identify identity impersonating implementing importance important improve improving incidents include include: includes increasingly independently industrial information infrastructure input inputs” insights intelligence interest internal inventory issue issued its january judged known lab landscape latency lateral latest layered lead leading level like limit location low lowest maintain maintaining malicious management mandatory maneuvers manufacturing maximum measures met midair might minimize mitigated mitigating mitigation mops more movement multi need network networks nist not notes number observed observing offered offers one ongoing ongoing cybersecurity training operational operations organizations other outcomes outside overall overview pair particularly patch patching penetration physical pipeline plan pose potential potentially pounds practices presently prevent procedures processes processing programs proper protected protection provide public publicly publishing radios range ras recognizing phishing attempts recommendations recommended reduce reducing regarding regular regularly regulatory report reported request require researchers resilience resolution response right risk rtca said score scrutinized seats second secure securing security segmentation sensitive sensitivity service set setting severity should show signals slc software specific spoofed standard station staying strategy subscribers such suspected system systems takeoff targeting targets tcas technology tested testing than these those threat threats time timely tools top to cyber tracking traffic tragic training transmitted transponder transponders transportation trigger trust policy turn types undergoing understanding undesired unlikely updated upgrading urgent using utilizing validated validation vendors verification very vulnerabilities vulnerabilities vulnerabilities vulnerability weaknesses weekly weight which working “after “by “however “organizations “underscore “untrusted ” |
| Tags | Tool Vulnerability Threat Patching Industrial Commercial |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.