#TSA

CISA Breaks Silence on Controversial ‘Airport Security Bypass’ Vulnerability 

by

September 6, 2024 at 06:30AM CISA responded to the disclosure of a security vulnerability in FlyCASS, a third-party application related to airport security systems. The issue allowed unauthorized access to the account of a participating airline, potentially compromising security screening and cockpit access. The researchers identified and reported several serious issues, prompting the disabling of … Read more

Tired of airport security queues? SQL inject yourself into the cockpit, claim researchers

by

August 30, 2024 at 09:35AM Cybersecurity researchers discovered a vulnerability in the Known Crewmember (KCM) and Cockpit Access Security System (CASS) programs, allowing unauthorized access to skip airport security and enter the cockpit of commercial airliners. By exploiting a SQL injection bug in the third-party vendor site FlyCASS, the researchers gained admin access and manipulated … Read more