A medium-severity vulnerability in Traffic Alert and Collision Avoidance System (TCAS) II allows attackers using software-defined radios and custom low-latency processing pipelines to transmit RF signals with spoofed location data to aircraft targets. This can cause fake aircraft to appear on displays and potentially trigger undesired Resolution Advisories (RAs). The vulnerability was published on January [truncated]
HIGHTraffic Alert and Collision Avoidance System (TCAS) IICVE published 2024-01-21
CVE-2024-11166 is a HIGH severity vulnerability (CVSS 3.1: 8.2) affecting Traffic Alert and Collision Avoidance System (TCAS) II aircraft safety systems. Published on January 21, 2024, this vulnerability exists in TCAS II systems using transponders compliant with Minimum Operational Performance Standards (MOPS) earlier than RTCA DO-181F. An attacker with adjacent network access can impersonate a ground st [truncated]
