Emergency Alert System Flaws Could Let Attackers Transmit Fake Messages

Cyber Security

The U.S. Department of Homeland Security (DHS) has warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices.

If left unpatched, the issues could allow an adversary to issue fraudulent emergency alerts over TV, radio, and cable networks.

The August 1 advisory comes courtesy of DHS’ Federal Emergency Management Agency (FEMA). CYBIR security researcher Ken Pyle has been credited with discovering the shortcoming.


EAS is a U.S. national public warning system that enables state authorities to disseminate information within 10 minutes during an emergency. Such alerts can interrupt radio and television to broadcast emergency alert information.

Emergency Alert Systems

Details of the flaw have been kept under wraps to prevent active exploitation by malicious actors, although it’s expected to be publicized as a proof-of-concept at the DEF CON conference to be held in Las Vegas next week.


“In short, the vulnerability is public knowledge and will be demonstrated to a large audience in the coming weeks,” the agency said in the bulletin.

To mitigate the vulnerability, relevant participants are recommended to update the EAS devices to the latest software versions, secure them with a firewall, and monitor and audit review logs for signs of unauthorized access.

Articles You May Like

Xiaomi Smart TV 5A Pro 32-Inch With Quad-Core CPU, Dolby Audio Launched in India
Xbox Game Pass Brings Immortals Fenyx Rising, Midnight Fight Express, More in 2nd Half of August
Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer
NASA’s Mars InSight Lander Data Reveals Surprising Results About Possibility of Life on the Red Planet
Apple Supplier BOE Hit by Power Rationing in Sichuan, Toyota Suspends Production: Report