Wednesday, June 3, 06:25
Home security Cirque du Soleil app: Hackers and managers have the same capabilities

Cirque du Soleil app: Hackers and managers have the same capabilities

CircusSome researchers by ESET revealed the existence of a problem security in an application of the Cirque du Soleil, on “Toruk - The First Flight”. The specific application was designed to enhance audience interaction through audiovisual elements. However, according to the researchers, when designing the application, little attention was paid to safety.

The Toruk application is available at Google Play and have installed more than 100.000 users. It is also available in App Store. However, it has not received any updates from 2016.

One of ESET's researchers, Lukáš Štefanko, discovered that "Whoever was associated with network, during the show, had the same management rights as the Cirque du Soleil operators. ”This means that hackers could also have administrative rights.

The application does not have authentication protocols. As a result, an open port - the 6161 port - could be used by hackers to remotely control the application that runs Toruk. The hackers they could make changes in volume, show specific content, and more.

An attacker could perform a scan to collect the IP addresses of vulnerable devices.

ESET tried to inform Cirque du Soleil in March and May, but received no response.

The researchers decided to reveal their findings publicly today, after the Toruk show was completed. The application is no longer required and needs to be uninstalled immediately.

Informally, Cirque du Soleil intends to remove the application from Google Play and it Apple App Store, now that the show is over.

The Cirque du Soleil team stated that it took into account the implementation risks. However, she felt they were not very serious. Instead, the damage that could be caused to the show, after five years of touring around the world, would be much greater if the application was removed earlier.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Samsung Access: Samsung's new service for new Galaxy devices!

Samsung has launched a new subscription service for upgrades, starting with the Galaxy S20 series. The new service, named Samsung ...

Microsoft: The tools that will now be available to everyone!

Microsoft now has the "Virtual Assistant Accelerator" and "Bot Framework Composer" tools for its entire user base. Developers can ...

Sony: Cancel PS5 event due to Floyd case!

The event that Sony had planned for the PS5 on June 4 was postponed indefinitely, due to the deplorable situation that prevails ...

Cisco warns: These Nexus switches have been hit by a serious security flaw

Cisco has warned customers with Nexus switches running NX-OS software to install updates to address a serious flaw ...

Windows 10 May 2020 Update: Get Windows 10 for € 9.09

As we all know, Windows 10 May 2020 Update has been released. It is safer, more reliable and more efficient than ever. It is certain that with ...

Anonymous's hack includes data from previous leaks!

As protests over the death of George Floyd in Minneapolis have spread across the United States, cyberattacks have targeted police ...

Critical Exim errors have been fixed, but many servers are still at risk

The update of Exim mail servers is not fast enough and the members of the Russian hacker Sandworm team are actively exploiting three critical ...

New Cisco vulnerability that concerns you!

A new critical Cisco vulnerability has been identified that concerns you: For those who don't know, Cisco recently announced that some of the servers ...

Antifa tweets from extreme rightists call for violence!

The "Antifa tweets" that flooded Twitter and promoted violence, actually came from a well-known far-right group! The information came in ...

Apple introduces the new USB-C Diagnostic Tool

Apple introduces the new USB-C Diagnostic Tool. See the new features: Apple finally brings the new internal USB-C Diagnostic Tool, ...