The US Department of Homeland Security warns of a vulnerability in the national emergency network.
"We recently became aware of certainvulnerabilities in EAS encoder/decoder devices that, if not updated to the latest software versions, could allow an attacker to transmit alerts through the host infrastructure (TV, radio, cable networks)", – writes the Department of Homeland Security's Federal Emergency Management Agency (FEMA).
Ken Pyle is a security researcher at CYBIR.com told CNN and Bleeping Computer that the vulnerabilities are in the Monroe Electronics R189 One-Net DASDEC EAS, an emergency warning system encoder and decoder. TV and radio stations use this equipment to broadcast emergency alerts. The researcher told Bleeping Computer that "numerous vulnerabilities and issues (confirmed by other researchers) have gone unfixed for several years and have become a huge flaw."
Pyle said:"I can easily access credentials, certificates, devices, exploit the web server, send fake alerts. I can also block legitimate users by neutralizing or disabling responses.", – adds Bleeping Computer.