EE Security Vulnerabilities In Their Online Portals

Over the past few days, the telecom sector has been grappling with cybersecurity issues. Reportedly, EE, a UK-based cellular firm, patched two different flaws in its systems within one week. Fortunately, the vulnerabilities were discovered by white-hat hackers before anyone could exploit them. Still, the bugs were not trivial enough to ignore.

EE Patched The Flaw That Allowed Free Data To A User

Reportedly, two separate security researchers discovered two different security vulnerabilities in EE’s system.

First, a researcher who goes by the name Infosec Spider discovered how a system flaw could let an attacker add unlimited data to an account for free. As reported by TechCrunch:

The bug allowed any customer to modify code on the customer’s account page that allows users to “gift” data to linked accounts.

This applied to any other linked account, whether belonging to the same user, or to any other user.

Exploiting this vulnerability required nothing more than an MITM tool. With it, the attacker could “intercept server request” and then replace the recipient’s phone number with any other desired number. The user could even enter their own number. As a result, the system allowed data to be duplicated.
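A request that can be edited in transit has to be re-validated by the server before it changes any balance. The sketch below is an added example, not code from EE, TechCrunch or the researcher: it contrasts a handler that trusts the request body with one that checks it. The handler names, account model and phone numbers are constructed, and the unsafe handler is a simplified assumption about this kind of weakness.

```python
# Constructed model of a "gift data" endpoint; all names and data are hypothetical.
from dataclasses import dataclass, field


class GiftError(Exception):
    """Raised when a gift request fails a server-side check."""


@dataclass
class Account:
    msisdn: str
    data_mb: int
    linked: set = field(default_factory=set)  # numbers this account may gift to


def gift_data_unsafe(accounts, session_msisdn, request):
    """Trusts the request body: credits whatever recipient the client sent
    and never debits the sender, so allowance is created from nothing."""
    accounts[request["recipient"]].data_mb += request["amount_mb"]


def gift_data_checked(accounts, session_msisdn, request):
    """Re-derives every trust decision on the server."""
    sender = accounts[session_msisdn]  # identity comes from the session
    recipient_no = request.get("recipient")
    amount = request.get("amount_mb")
    if type(amount) is not int or amount <= 0:
        raise GiftError("invalid amount")
    if recipient_no == sender.msisdn:
        raise GiftError("cannot gift to self")
    if recipient_no not in sender.linked or recipient_no not in accounts:
        raise GiftError("recipient is not linked to sender")
    if amount > sender.data_mb:
        raise GiftError("insufficient allowance")
    # Debit and credit together so the total allowance is conserved.
    sender.data_mb -= amount
    accounts[recipient_no].data_mb += amount


def sample_accounts():
    """Constructed sample data: two linked numbers and one unrelated number."""
    return {
        "07700900001": Account("07700900001", 500, {"07700900002"}),
        "07700900002": Account("07700900002", 100, {"07700900001"}),
        "07700900009": Account("07700900009", 50),
    }


def total_mb(accounts):
    """Sum of all allowances; a correct gift must leave this unchanged."""
    return sum(a.data_mb for a in accounts.values())
```

The invariant worth monitoring in production is the same one `total_mb` expresses: a gift moves allowance between accounts and never changes the sum.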

After the news regarding the bug surfaced online, EE quickly patched the flaw within two days. However, to their dismay, another researcher pointed out one more security flaw in their system.

EE Endured A Second Bug That Allowed Access To Firm’s Internal Site

This time, it was a glitch in their online portal that could allow anyone to access the firm’s internal site. Doing so simply required the researcher to log in to the system through an admin account. As reported by TechCrunch,

“Although the site required an employee username and password to log in, the researcher found that an “admin” account existed, of which anyone with the answer to the secret question could reset the password.”

According to the researcher with the alias ‘Six’ on Twitter, the account had a simple secret question “What is your eye color”, which had a simple answer ‘brown’. Indeed, it was easy to crack. After answering this simple question, he was able to access the internal training site.

 

The researcher reported the matter to TechCrunch, which then reported it to the company, and they patched it. While the company does not consider the flaw a serious glitch, the researcher said that the vulnerability was perhaps too dangerous.

“I didn’t do any of that because of the law, but that doesn’t mean a malicious attacker couldn’t have done it.”

According to the researcher, he gained access to the company’s training site for EE staff. All employees are given access to this site in the first week after starting the job. He found that all employee accounts followed a similar pattern for account passwords: the employees’ surname in lower case.

After learning of the matter, and whilst patching the flaw, EE officials said that the vulnerability only exposed some accounts.

“No customer data is, or has been, at risk as the user account on the training website only gave access to a dummy environment with fake accounts.”

However, as reported, although the researcher came across some dummy accounts, he could also view the course content and employees’ data. He could also access the training details of related firms such as Plusnet and Orange. He further said that, despite not viewing any employee or customer data, he could access it since he was allowed to change “permissions” as needed.

EE officials have reportedly closed the vulnerable account, and have also changed the security question and the password.

Although both vulnerabilities were fixed quickly by EE, it is important to note that the recent incidents simply add to the trail of cybersecurity issues at the firm. Earlier this year, the same security researcher ‘Six’ discovered an unsafe code repository that could allow anyone to log in via default credentials. Later on, the company exposed private server keys due to a Jira bug incident.

 

The importance of Preventive Security

In this fast-changing scenario it’s easy to understand that cybersecurity plays a significant role. No company can afford to have its data exposed. Data breaches cause huge damage, both financially and to the brand. In order to protect your company from undesired access, Swascan is the right tool.

Swascan supports your company’s security management and compliance. Its services include Vulnerability Assessment and Network Scan, which spot all the vulnerabilities in your network, website, web app, IT infrastructure, …

Moreover, these tools provide the actions to implement in order to fix such vulnerabilities. You can start a free trial of the solution here:

Start your Free Trial
Scan your WebSite and Network

 

Last but not least, Swascan services ensure GDPR Compliance.