IOActive, Inc. has found cybersecurity vulnerabilities in Panasonic Avionics in-flight entertainment (IFE) systems used by a number of major airlines including United, Virgin, American Airlines, Emirates, AirFrance, Singapore and Qatar, the company said.
IOActive principal security consultant Ruben Santamarta discovered vulnerabilities in the system could allow attackers to hijack in-flight displays and potentially gain entry into other systems on board. In some instances, the holes in the system could allow hackers to access passenger credit card information, and could potentially act as an entry point to the wider network.
According to Santamarta, once IFE system vulnerabilities have been exploited, a hacker could gain control of what passengers see and hear from their in-flight screen.
IOActive, headquartered in Seattle, Wash., is a research-driven security services company, delivering specialist security services ranging from penetration testing and application code assessment to chip reverse engineering across multiple industries.