Vulnerability discovered in e-government communication
July 2, 2017
Shah Sheikh (1294 articles)
Share

Vulnerability discovered in e-government communication

Researchers have recently discovered a critical vulnerability affect governmental sectors such as public health systems, population registration, and justice system. The flaw resides in the secure communication protocol.

Basically, the OSCI-Transport communication library which is widely used and critical to the German e-government has multiple vulnerabilities enabling attackers to view and interfere with the messages. The OSCI-Transport is a secure channel and is the required communication protocol that serves the foundation of e-government,

According to experts, some of the OSCI safeguards can be broken through the usage of a XML Entity Injection attack allowing him to to read local files on communication partner’s system. In addition, a hacker with access to the system could potential not only decrypt parts of messages, but forge them.

Source: darkreading

 

Related articles

Hackers Bypass Multi-factor Authentication to Hack Office 365 & G Suite Cloud Accounts Using IMAP Protocol

Hackers Bypass Multi-factor Authentication to Hack Office 365 & G Suite Cloud Accounts Using IMAP Protocol

US DoD Adopts Ethical AI Principles

US DoD Adopts Ethical AI Principles

Fake Windows Update Used By New Fantom Ransomware

Fake Windows Update Used By New Fantom Ransomware