A critical vulnerability has been identified in the Intelight X-1 traffic light controller, potentially allowing attackers to manipulate traffic signals and disrupt traffic flow. The flaw, uncovered by cybersecurity researcher Andrew Lemon from Red Threat, enables unauthorized users to bypass authentication and gain full control over traffic lights. This could result in severe traffic jams or hazardous situations if attackers alter signal timings or force intersections into a dangerous 4-way flash mode.
The vulnerability, tracked as CVE-2024-38944, was discovered through the National Transportation Communications for Intelligent Transportation System Protocol (NTCIP) standards, which are designed to ensure interoperability among traffic control systems. Lemon’s research highlighted how the lack of proper authentication in the Intelight X-1 controller allows attackers to change critical settings. This includes modifying the duration of light phases or uploading unauthorized configurations.
Lemon’s findings were based on exploiting the Simple Network Management Protocol (SNMP) and MIB Browser tools. The vulnerability stems from the fact that default settings and insufficient security measures allowed the researcher to retrieve and manipulate sensitive data. Notably, he found that essential values such as system location and security settings could be altered without proper authentication, potentially compromising the entire traffic management system.
Although the research did not confirm similar vulnerabilities in other traffic control technologies, it raises significant concerns about digital signage and other related systems. The issue underscores the need for stringent security measures in the development and deployment of traffic management technologies to prevent potential exploitation and ensure public safety.