Emergency Alert System Flaws Could Let Attackers Transmit Fake Messages

Cyber Security

The U.S. Department of Homeland Security (DHS) has warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices.

If left unpatched, the issues could allow an adversary to issue fraudulent emergency alerts over TV, radio, and cable networks.

The August 1 advisory comes courtesy of DHS’ Federal Emergency Management Agency (FEMA). CYBIR security researcher Ken Pyle has been credited with discovering the shortcoming.


EAS is a U.S. national public warning system that enables state authorities to disseminate information within 10 minutes during an emergency. Such alerts can interrupt radio and television to broadcast emergency alert information.

Emergency Alert Systems

Details of the flaw have been kept under wraps to prevent active exploitation by malicious actors, although it’s expected to be publicized as a proof-of-concept at the DEF CON conference to be held in Las Vegas next week.


“In short, the vulnerability is public knowledge and will be demonstrated to a large audience in the coming weeks,” the agency said in the bulletin.

To mitigate the vulnerability, relevant participants are recommended to update the EAS devices to the latest software versions, secure them with a firewall, and monitor and audit review logs for signs of unauthorized access.

Articles You May Like

Samsung Galaxy Unpacked Event Today: How to Watch Livestream, Expected Price, Specifications
Voyager customer lost $1 million saved over 24 years and is one of many now desperate to recoup funds
RBI’s Digital Lending Norms Will Help Sector Scale Up, Become More Responsible, Industry Says
US Regulator to Investigate Deaths of Amazon Workers in New Jersey: Details
Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users