SecurityTube

Some Highway Traffic Systems Open to Man-in-the-Middle Attack

JB

Highway traffic systems deployed across the United States could be open exploit via what a group of researchers has deemed an “insufficient entropy vulnerability” in the systems’ software.

According to an advisory (.PDF) issued late last week by the U.S. Industrial Control System Computer Emergency Readiness Team (ICS-CERT), systems built by the Houston, Tex. based company Post Oak Traffic Systems could allow unauthorized access. In particular, the company's traffic monitoring systems that rely on Anonymous Wireless Address Matching (AWAM) Bluetooth readers that appear to be in danger.

These readers generally gather information about traffic patterns and other highway data via cars with Bluetooth technology enabled.