Rotem found that “by simply changing the RULE_SOURCE_1_ID, we were able to view any passenger name record (PNR) and access the customer name and associated flight details”, according to security blog Safety Detective.
From there, the researchers could log into ELAL’s customer portal “and make changes, claim frequent flyer miles to a personal account, assign seats and meals, and update the customer’s email and phone number, which could then be used to cancel/change flight reservation via customer service.”
A hacker must know a PNR code to exploit the vulnerability, however ELAL sends the codes out through unencrypted email and that flyers are careless with them, often sharing them on social media, the online publication added.
The researchers, who developed a script to fix the problem, contacted ELAL to report the vulnerability and suggested the airline introduce captchas, passwords and a bot protection mechanism. Moreover, after reporting the vulnerability to Amadeus, the company wrote issued a statement saying the problem was resolved.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now