logo

FIFA Bug Exposes World Cup Streams to Remote Takeover

ID: 1c4de966-f624-502e-a853-947103c5c3bc

STIX ID: report--1c4de966-f624-502e-a853-947103c5c3bc

Feed Name: Dark Reading

Threat Score
80/100

Date Published: 2026-06-18

Date Updated: 2026-06-19

Author: Nate Nelson

...
...

A security researcher discovered a critical access-control vulnerability in FIFA's Microsoft Entra tenant that permitted an unprivileged account to access backend APIs and take control of World Cup streaming, match management, commentary systems, gametime analytics, and developer resources; the researcher reported the issue to CISA and the FBI after failing to reach FIFA directly, and authorities coordinated a fix the next day.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.