Critical flaw in WiFi routers puts hotels and millions of guests at risk

A critical vulnerability in ANTlabs InnGate devices, a popular Internet gateway for visitor-based networks and commonly installed in hotels and convention centers, has been discovered by Cylance researchers. The flaw could allow an attacker to monitor or tamper with traffic to and from any hotel WiFi user’s connection and potentially gain access to a hotel’s property management system (PMS).

This vulnerability affects 277 hotels, convention centers and data centers across 29 countries:

It has the potential to impact millions of customers ranging from everyday vacationers and data center IT staff to tradeshow attendees and high priority targets such as government officials, corporate executives and CSOs.

This is not the first time Cylance researchers have seen activity of this nature, as this vulnerability could allow a threat actor to carry out an attack similar to DarkHotel, a campaign discovered last November that infected Internet gateways at Asian Luxury hotels in order to compromise high-profile guests.

An attacker exploiting this new ANTlabs InnGate vulnerability could infect specific targets or anyone who connects via WiFi through it with malware, gain access to personal credentials stored on a user’s computer and gain full access to property management systems (PMS) that contain guest booking details and point of sale information.

The exploitation would only need a low level of sophistication and no authentication. The threat has been assigned a CVE-2015-0932 identifier and ranks the maximum score, 10.0, on the CVSS 2.0 scale. For more information about the vulnerability and its scope, check out this blog post.

The company has worked closely with the US-CERT and CERT/CC to coordinate the disclosure of this vulnerability responsibly. ANTlabs made available a patch for its InnGate product. For more information on how to apply it go here.