Hackers Bypass Airport Security: How Two Researchers Flew First Class for Free
Cybersecurity researchers found a vulnerability allowing them to skip US airport security and fly in the cockpit, all thanks to a SQL injection bug in the FlyCASS system. Apparently, you don’t need pilot school—just some hacking skills—to enjoy those cockpit views.
Hot Take:
Who knew being a high-flying hacker could be so literal? Forget pilot school; apparently, all you need is a bit of SQL wizardry to snag a cockpit seat. Just don’t forget to pack your parachute, because it’s a long way down for those who get caught!
Key Points:
- Researchers exploited a vulnerability in the Known Crewmember (KCM) and Cockpit Access Security System (CASS).
- Smaller airlines using third-party systems were especially vulnerable.
- A simple SQL injection allowed access to admin privileges on FlyCASS.
- Authorities’ response was slow and somewhat dismissive initially.
- FlyCASS was temporarily disconnected from KCM and CASS after the vulnerability was disclosed.
Membership Required
You must be a member to access this content.