If you’ve ever used hotel Wi-Fi, listen up. A major vulnerability discovered in hotel Wi-Fi devices could put your information at risk.
The CVE-2015-0932 vulnerability has been discovered in a Wi-Fi device that many hotels use to provide Internet access to guest hotel rooms.
The ANTlabs InnGate router is said to be vulnerable to a firmware that gives a hacker the ability to monitor and record the data sent over the network. It could even allow the attacker access to a hotel’s keycard systems.
According to Cylance, an incident response cyber security company, “The attacker could upload a ‘back-doored’ version of nearly any executable on the system and then gain execution control, or simply add an additional user with root level access and a password known to the attacker. Once full file system access is obtained, the endpoint is at the mercy of the attacker.”
Something similar to this has happened before. Last year, there was an APT campaign called DarkHotel that infected Internet gateways at Asian luxury hotels in order to compromise high-profile guests.
That was a much more sophisticated attack, which makes the CVE-2015-0932 vulnerability more frightening. Cylance calls it “a very simple vulnerability with devastating impact.”
Researchers found 277 ANTlab InnGate routers in 29 countries, but it is believed this is only a small percentage as many of the devices are protected behind firewalls that make them difficult to identify. These devices are still believed to be vulnerable to attack.
Hotels were not the only places researchers found these devices. They also found them at some convention centers. A top data center company also uses the device to manage guest Wi-Fi in several locations in Asia.
Researchers believe a vendor-supplied patch, released March 26 will address the vulnerability.
