CVE-2017-5634 : Exploit Details and Defense Strategies

Norwegian Air Shuttle airline kiosk vulnerability allows attackers to gain administrative privileges and network access.

Understanding CVE-2017-5634

What is CVE-2017-5634?

The airline kiosk of Norwegian Air Shuttle, also known as norwegian.com, has a vulnerability that enables attackers in close proximity to bypass the intended "Please select booking identification" user interface step. By accessing a touch-screen print icon and manipulating the print dialog, the attackers are able to gain administrative privileges and network access on the underlying Windows operating system.

The Impact of CVE-2017-5634

This vulnerability poses a significant security risk as attackers can exploit it to escalate privileges and access sensitive information on affected systems.

Technical Details of CVE-2017-5634

Vulnerability Description

The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to bypass the intended "Please select booking identification" UI step and obtain administrative privileges and network access on the underlying Windows OS by manipulating the print dialog.

Affected Systems and Versions

Product: n/a
Vendor: n/a
Version: n/a

Exploitation Mechanism

Attackers need physical proximity to the airline kiosk to exploit the vulnerability by accessing a touch-screen print icon and manipulating the print dialog.

Mitigation and Prevention

Immediate Steps to Take

Disable touch-screen print functionality on affected kiosks.
Implement physical security measures to restrict unauthorized access.

Long-Term Security Practices

Regularly update and patch the operating system and software.
Conduct security training to educate employees on identifying and reporting suspicious activities.

Patching and Updates

Apply security patches provided by the vendor to address the vulnerability and enhance system security.