Researchers have discovered a total of nine software vulnerabilities in a commonly used metal detector product. If exploited, the security flaws could allow a hacker to take detectors offline, read or alter their data, or just generally mess with how they work, the research reveals.
The product in question is produced by Garrett, a well-known U.S.-based metal detector manufacturer that sells its product to schools, courthouses, prisons, airports, sports and entertainment venues, and an assortment of government buildings, according to its website and other sites. In other words, their products are pretty much everywhere.
Unfortunately, according to researchers with Cisco Talos, Garrett’s widely used iC module is in trouble. The product, which provides network connectivity to two of the company’s popular walk-through detectors (the Garrett PD 6500i and the Garrett MZ 6100), basically acts as a control center for the detector’s human operator: using a laptop or other interface, an operator can use the module to remotely control a detector, as well as engage in “real-time monitoring and diagnostics,” according to a website selling the product.
In a blog post published Tuesday, Talos researchers said that the vulnerabilities in iC, which are officially being tracked as a bevy of CVEs, could allow somebody to hack into specific metal detectors, knock them offline, execute arbitrary code, and generally just make a real mess of things.
“An attacker could manipulate this module to remotely monitor statistics on the metal detector, such as whether the alarm has been triggered or how many visitors have walked through,” researchers write. “They could also make configuration changes, such as altering the sensitivity level of a device, which potentially poses a security risk to users who rely on these metal detectors.”
In short: This is bad news. Generally speaking, nobody really wants to walk through a metal detector. But, if you’re going to walk through one, it might as well work, right? While the scenarios in which an attacker would actually go to the trouble to hack into these systems seem slim to probably fantastical, having functional security systems at important locations like airports and government agencies seems like a good idea.
Fortunately, Talos says that users of these devices can mitigate the security flaws by updating their iC modules to the latest version of its firmware. Cisco apparently disclosed the vulnerabilities to Garrett in August and the vendor just fixed the flaws on Dec. 13, Talos writes.
We reached out to Garrett’s security division for comment and will update this story if they respond.
UPDATE: A Garrett spokesperson responded with the following statement in regard to the Talos report.
To be clear the vulnerability described is limited to Garrett Walk Through Metal Detectors which are equipped with an accessory network interface appliance known as the CMA or IC Module. The deployment of these modules is very limited and therefore this vulnerability exists in only a relatively small population of the installed Garrett metal detectors. There is no vulnerability to products that do not have this appliance installed and/or are not connected to a network.
In response to the Cisco report, Garrett has successfully developed a patch that can be installed by the customer. Cisco has certified that the patch resolves the reported vulnerabilities.
Garrett will be contacting customers who have purchased the product with information about the patch.