The FEMA advisory reveals that the exploit was first reported by Ken Pyle, a security researcher at CYBIR. In 2019, he reported these vulnerabilities to Digital Alert Systems, a firm that makes the emergency-alert software, following which the company issued a security patch to fix the issue. However, not every system running the software has been updated to the newest version.
Meanwhile, CNN reports that the vulnerability could potentially let a hacker take control and broadcast fake messages over the system. FEMA has come across compelling evidence pointing towards this vulnerability. Thankfully, the vulnerability only seems to affect a select number of encoder/decoder devices in possession of EAS participants, which have not been updated to recent software versions.
The FEMA advisory recommends taking three key steps to prevent the vulnerability from being exploited. While the first step is to get all EAS devices up to date with the most recent software versions, additional steps include these devices being protected by a firewall and robust security mechanisms. As an additional line of defense, FEMA also recommends that EAS devices are continuously monitored with regular audits to ensure no unauthorized access becomes possible.
At this stage, it is unclear how many systems that are part of the Emergency Alert System are affected by this vulnerability. The CNN report, however, does quote Ed Czarnecki, the vice president of global and government affairs digital Alert Systems, who confirms that a majority of the systems have been patched.
For all the latest Games News Click Here
For the latest news and updates, follow us on Google News.