Skip to main content

Researchers find way to hack Panasonic’s in-flight entertainment systems

Researchers working for the cybersecurity consultancy group IOActive discovered some troubling vulnerabilities in Panasonic Avionics’ in-flight entertainment systems. The company’s avionics subsidiary supplies hardware to 13 different airlines: Aerolineas Argentinas, Air France, American Airlines, Emirates, Etihad Airways, Finnair, Iberia, KLM, Qatar Airways, Scandinavian Airlines, Singapore Airlines, United Airlines, and Virgin America.

“I discovered I could access debug codes directly from a Panasonic in-flight display,” IOActive’s Ruben Santamarta said in a statement. “A subsequent internet search allowed me to discover hundreds of publicly available firmware updates for multiple major airlines, which was quite alarming.”

Recommended Videos

Santamarta performed further analysis in an attempt to find out what hackers could accomplish by interfering with an avionics device. He found it was possible to manipulate what was being displayed on the screen, to send out fake announcements over the PA system, and to control cabin lights and the reclining seats in the first-class section of the plane. There was also evidence that credit card details belonging to frequent flyers and VIP members could be stolen in this manner.

However, all of these attacks would pale in comparison to the potential for criminals to take control of the aircraft itself. Fortunately, this is impossible in most circumstances, according to a report from Tech Spot.

Most airlines keep the aircraft control domain physically isolated from the passenger entertainment domain, which means that there is no way to use in-flight entertainment hardware to interfere with the vessel’s controls. However, Santamarta states this is not always the case and urges airlines to be “incredibly vigilant” about this kind of threat.

IOActive reported these security flaws to Panasonic in March 2015 and has waited until now to release the information to the public so that the company would have time to make improvements. This is not the first time that the consultancy firm has shed light on a potential security breach — it played a key role in publicizing the high-profile Jeep hacking risk that led to a major recall in 2015.

Brad Jones
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
This compact HP Omen gaming PC is on sale at 39% off today
The HP Omen 16L gaming desktop sitting on a desk.

For those who want a proper gaming desktop but don't have enough space for a big and bulky machine, the HP Omen 16L could be what you need. You're in luck because it's on sale from the gaming PC deals of HP right now, with this configuration featuring the Nvidia GeForce RTX 3050 graphics card available at 39% off. You'll only have to pay $800 instead of its original price of $1,330, but you need to push through with your purchase immediately if you want to make sure you pocket the savings of $530.

Why you should buy the HP Omen 16L gaming PC

Read more
SpaceX’s Starlink rival is about to launch more internet satellites — here’s how to watch
Amazon's KA-01 mission for Project Kuiper gets underway from the Space Coast.

[UPDATE: A technical issue with the rocket has caused the launch to be postponed. We'll update this article with the new launch schedule just as soon as it becomes available.]

Amazon is preparing to launch its second batch of Project Kuiper internet satellites to orbit as it seeks to build out a constellation to take on SpaceX’s Starlink service.

Read more
Weird Mac mini issue prompts Apple to take action
A top-down view of the Mac Mini.

Following multiple reports of specific Mac mini computers failing to power on, Apple has launched a global repair program to sort the problem out.

Apple launched the  M2 Mac mini in January 2023, though the affected units were made between June 16 and November 23 of 2024, according to a notice about the repair program that was first spotted by MacRumors.

Read more