PoC Buffer Overflow exploitation in the British Airways Entertainment System

PoC Buffer Overflow exploitation in the British Airways Entertainment System

Updated on 06/03/2019

I have created a blog post providing further details to clarify the CVE-2019-9019.

This CVE is getting a lot of attention and "fake news" are exaggerating this for their own benefit. No, I did not attack the system. I was curios about the USB port socket and its purpose and I found a weakness accidentally.

This was published without putting too much effort on the details about what and how this happened. However since this is getting a lot of attention I decided to write a blog post to clarify it.

From the beginning, the intention was to avoid this issue to go unnoticed, that's all, because I really think this should be addressed and I am supporting stakeholders on this.

Please read http://hmarco.org/bugs/CVE-2019-9019/CVE-2019-9019-British-Airways-Entertainment-System.html before you start to make wrong judgements using incomplete information about what and how this happened (video included).

I do not think I am the first person in the world knowing this issue but I know that now this have much more chances to be fixed.



Tim D Williams

BSc MSc PGCHE CELTA FBCS CITP MBPsS MCIIS MIEEE MIET TOGAF ITIL CISSP-ISSAP-ISSEP-ISSMP CSSLP CGRC CGEIT CISA CISM CRISC Versatile Freelance IT/Security Consultant with Multidisciplinary People/Process/Technical Skillset

4y

Unless you have access to first class advice on international aviation law providing you with a lawful basis for doing this or had explicit written  permission from an authoriaed authoriser at BA, what you have apparently done is far from clever. It might have constituted an acceptable style of “security research” back in the early 1980’s but that was before the film Wargames which influenced the passage of the US Computer Fraud and Abise Act 1984 (https://en.m.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act) and the hacking of the Duke of Edinburgh’s dial-up email account in 1984 which led to the passing of the Computer Misuse Act 1990 (https://www.bbc.co.uk/news/amp/technology-36306419). In short if you intentionally cause a computer to do anything which you know you are not authorised to cause it to do, then you are comitting a crime. It’s really hard to thibk of any conceivable defence. Even if yoi were to claim that everything you have published was a simulation and was not actually done as described on an actual transatlantic flight you would be hard-pressed not to have broken any other laws, not least laws related to hoaxes and frauds ot to have contravened the ethical standards of your employers. In short, whiile you have attracted attention to yourself including mine, this style of “security research” is rather childish and does not benefit anyone: yourself, BA, the travelling public or the wider community of security researchers who commit themselves to behaving in a far more mature and responsible manner. 

Jorge Peinado Prado

Linux systems administrator at AirON Group

4y

If I were you I would remove that video before any BA attorney see it ...

Tim (Wadhwa-)Brown

4y

So whilst traveling on the plane, you thought it would be a good idea to attack a component on it? Ethical and legal questions abound... (yes, I'm technical enough to understand the limited practical risk but still...)

Kurt Thomas

Senior System Engineer @ Fortra

4y

Thanks for the article!  Airlines, let's not have USB ports on planes. At least not outside the cockpit. On second thought, probably having them there is not a good idea, either.

Like
Reply
Victor F.

Consultor técnico de seguridad ICS

4y

I think that Ruben Santamarta played with this consoles until a few years ago

To view or add a comment, sign in