Vulnerabilities Found in German e-Government Communication Library

  /     /     /  
Publicated : 22/11/2024   Category : security


Vulnerabilities Found in German e-Government Communication Library


Researchers find critical flaws in secure communications protocol used in areas including population registration, justice and public health systems.



Researchers have discovered critical vulnerabilities in the OSCI-Transport communication library, which plays an important role in the German e-government, reports SEC Consult.
The OSCI-transport protocol is the required communication protocol for public admins and foundation for e-government. It serves as a secure channel for government agencies to communicate across areas like population registration, justice system, and public health system. Attackers should not be able to view or interfere with messages.
Experts broke some of the security safeguards OSCI claims to have. They demonstrated how a hacker could use an external XML Entity Injection attack, which would let him or her read local files on communication partners systems. Someone who accessed the communication channel could also decrypt parts of a message and, in some cases, potentially forge messages.
SEC Consult notes that a full security audit has not been performed, and there is a possibility further vulnerabilities exist.
Read more details
here
.

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Vulnerabilities Found in German e-Government Communication Library