Walk-through metal detectors manufactured by well-known U.S.-based firm Garett are vulnerable to remote attacks, according to Cisco Talos.
Researchers at Cisco Talos discovered as many as nine vulnerabilities in walk-through metal detectors manufactured by well-known U.S.-based firm Garett. According to researchers, if these flaws are exploited, the attacker can take the detectors offline, monitor, read, and modify their data, and cause them to malfunction.
The Grave Risk
For your information, Garrett sells its metal detectors to schools, prisons, courthouses, sports arenas, entertainment avenues, airports, and even government buildings. This means Garrett’s products are widely used across all industries and sectors. Discovering so many vulnerabilities in its metal detectors may put them all at the risk of hacking.
What’s the Problem?
Cisco Talos researchers revealed that the iC module used by Garrett is the cause of all the trouble. The product provides network connectivity to the company’s two most popular walk-through metal detectors- the Garrett MZ 6100 and the Garrett PD 6500i. The module serves as a control center for the human operator of the device.
Talos researchers noted that four of these nine vulnerabilities (CVE-2021-21901, CVE-2021-21903, CVE-2021-21905, and CVE-2021-21906 ) are stack-based buffer overflow flaws, other four (CVE-2021-21904, CVE-2021-21907, CVE-2021-21908, and CVE-2021-21909) are directory traversal flaws, and one is a race condition (CVE-2021-21902).
How The Hack Occurs?
Using any type of interface, such as a laptop, an operator can use this module to control the detector remotely or carry out monitoring and diagnosis in real-time. Hence, the vulnerabilities identified in iC would allow cybercriminals to hack into Garrett’s metal detectors, execute arbitrary code, or get them offline, compromising the overall safety and security of the place where these detectors are installed.
Talos researchers explained the attack scenario in their blog post, which read:
“An attacker could manipulate this module to remotely monitor statistics on the metal detector, such as whether the alarm has been triggered or how many visitors have walked through. They could also make configuration changes, such as altering the sensitivity level of a device, which potentially poses a security risk to users who rely on these metal detectors.”
How to Mitigate the Threat?
Researchers stated that users of vulnerable metal detectors could mitigate the threat by simply updating their iC modules and installing the latest firmware version. The company notified Garrett in August and the issues were fixed on December 13, 2021.
“Talos tested and confirmed that the Garrett Metal Detectors iC Module CMA, version 5.0, could be exploited by these vulnerabilities. Users should update to the latest version of the firmware as soon as possible,” Talos’ researchers wrote in their report.