Bug in FIFA World Cup internal system gave anyone ability to modify TV stream
ID: 1880ca10-819c-5607-8fce-a46c6ceb97df
STIX ID: report--1880ca10-819c-5607-8fce-a46c6ceb97df
Feed Name: TechCrunch Security News
Threat Score
A researcher discovered a missing authorization check in FIFA’s agent registration backend API that allowed her, after registering as a player agent, to access internal platforms controlling broadcasters' TV streams and commentators' displays—potentially allowing an attacker to hijack live World Cup camera feeds. The flaw was reported and patched by FIFA within hours; there is no reported evidence of malicious use.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
