Uniguest – Kiosk Security – Widely Used Kiosks Compromised by Hardcoded Credentials

Hardcoded Credentials in Kiosk Software Allowed Remote Attackers to Compromise API


Uniguest provides kiosks to the hospitality, senior living, specialty retail, education and corporate sectors. The kiosks typically run a locked-down version of Windows and are managed by Uniguest itself rather than by the customer (a hotel, for example). With so many kiosks in so many different locations, that management inevitably runs through the cloud, and wherever the cloud is involved there are often security lapses.

Founded in 1986, the company claims to have managed service contracts for 32,000 kiosks across 15,000 client locations.

Starting with nothing more than a Google search, researchers from Trustwave SpiderLabs found a Uniguest website (ucrew.uniguest.com) that had been publicly exposed on the internet. This website appeared to contain all the tools that technicians would need to deploy or manage a kiosk on location. From this simple observation, the researchers were able to develop a chain of steps that would ultimately enable them, in their own words, to “dump all the data in the Uniguest cloud database, which includes admin, router and BIOS passwords, product keys and various other sensitive information, for what looked like all of Uniguest’s customers.”
