CVE-2019-9019
Description
The British Airways Entertainment System, as installed on Boeing 777-36N(ER) and possibly other aircraft, does not prevent the USB charging/data-transfer feature from interacting with USB keyboard and mouse devices, which allows physically proximate attackers to conduct unanticipated attacks against Entertainment applications, as demonstrated by using mouse copy-and-paste actions to trigger a Chat buffer overflow or possibly have unspecified other impact.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The seat USB port on the British Airways in-flight entertainment system accepts keyboard and mouse (HID) input rather than acting as a charge-only port, so a physically proximate passenger, with no authentication, can use mouse copy-and-paste to trigger a buffer overflow in the Chat application.
Vulnerability
The British Airways Entertainment System installed on Boeing 777-36N(ER) and possibly other aircraft does not restrict its seat USB ports to charging-only mode. The USB data-transfer feature remains active and the system enumerates and accepts input from HID devices such as keyboards and mice. This lets a passenger inject crafted sequences of keystrokes and mouse actions into the system's Chat application, which in turn triggers a buffer overflow in that application. The affected software versions have not been officially disclosed, but the bug is exploitable in the configuration as deployed on these aircraft [1].
Exploitation
An attacker must have physical proximity to the seat and be able to connect a USB keyboard and mouse to the entertainment system's port. No network access or authentication is required. The reported attack sequence uses the mouse to copy a large amount of text and then paste it into the Chat application's input field. The Chat input handler does not bound the pasted data against the capacity of its buffer, so the paste overflows it. Any passenger with a USB HID device can perform this [1].
Impact
Successful exploitation corrupts the Chat application's memory. The CVE description characterises the outcome as a Chat buffer overflow that may "possibly have unspecified other impact"; the available references do not demonstrate arbitrary code execution or define how far a compromise could extend, and whether the overflow can escape the Chat application's process or any sandbox it runs in is not indicated. The CIA impact is therefore primarily on the integrity and availability of the entertainment system, with control of the in-flight entertainment software a possible but undemonstrated escalation [1].
Mitigation
As of the CVE publication date (2019-02-22) and the referenced blog post (2019-03-06), no official patch had been released by British Airways or the system vendor. A fix would need to address either or both layers: restrict the seat USB port to power delivery (or at least refuse HID device classes) so that keyboards and mice are never enumerated, and bound pasted input against the Chat field's capacity so that an oversized paste is rejected or truncated rather than written past the buffer. The researcher states that he is supporting stakeholders to address the issue [1]. There is no indication that this CVE has been added to the CISA KEV catalog.
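The Exploitation and Mitigation sections above describe the bug class (a paste handler that copies attacker-controlled text into a fixed-size field without a length check) and the input-validation fix. The following is an added illustration of that pattern, not code from the IFE vendor or from the referenced research; the widget layout, field size, and function names are hypothetical. It models a Chat input field with adjacent UI state, shows the unchecked copy clobbering that state, and shows a bounds-checked handler refusing the same paste. To keep the demo itself memory-safe, the unsafe copy stops at the end of the enclosing struct; a real strcpy() would not.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of a Chat input widget (not the IFE vendor's code):
 * a fixed-size text field followed by state the UI depends on. */
#define CHAT_FIELD_LEN 64
#define CANARY 0xDEADBEEFu

struct chat_widget {
    char     field[CHAT_FIELD_LEN];  /* where pasted text lands */
    uint32_t cursor;                 /* adjacent state a real overflow would corrupt */
    uint32_t canary;                 /* marker so we can see the corruption */
};

void chat_widget_init(struct chat_widget *w) {
    memset(w, 0, sizeof *w);
    w->canary = CANARY;
}

/* Unsafe handler: trusts the paste length. A real strcpy() would run
 * past the field into whatever follows in memory; this demo copies
 * through the enclosing struct's raw bytes and stops at its end so the
 * program stays memory-safe while still clobbering the adjacent fields.
 * Returns the number of bytes written. */
size_t chat_paste_unsafe(struct chat_widget *w, const char *pasted) {
    unsigned char *raw = (unsigned char *)w;
    size_t n = strlen(pasted) + 1;      /* never compared against CHAT_FIELD_LEN */
    if (n > sizeof *w) n = sizeof *w;   /* demo-only cap, not a fix */
    memcpy(raw, pasted, n);
    return n;
}

/* Hardened handler: refuses input that does not fit (including the
 * terminator) so an oversized paste is dropped rather than partially
 * written. Returns 0 on success, -1 when the paste was refused. */
int chat_paste_checked(struct chat_widget *w, const char *pasted) {
    const char *nul = memchr(pasted, '\0', CHAT_FIELD_LEN);
    if (nul == NULL) return -1;         /* no terminator within the field size */
    memcpy(w->field, pasted, (size_t)(nul - pasted) + 1);
    return 0;
}

int chat_widget_intact(const struct chat_widget *w) {
    return w->canary == CANARY;
}

/* Constructed demo input: a paste far larger than the field. */
static void make_big_paste(char *buf, size_t n) {
    memset(buf, 'A', n - 1);
    buf[n - 1] = '\0';
}

/* Returns 1 if the unsafe handler corrupted state beyond the field. */
int demo_unsafe_clobbers(void) {
    char big[200];
    struct chat_widget w;
    make_big_paste(big, sizeof big);
    chat_widget_init(&w);
    chat_paste_unsafe(&w, big);
    return !chat_widget_intact(&w);
}

/* Returns 1 if the hardened handler refused the paste and left the widget untouched. */
int demo_checked_refuses(void) {
    char big[200];
    struct chat_widget w;
    make_big_paste(big, sizeof big);
    chat_widget_init(&w);
    return chat_paste_checked(&w, big) == -1 && chat_widget_intact(&w) && w.field[0] == '\0';
}

int main(void) {
    printf("unsafe paste clobbers adjacent state: %s\n", demo_unsafe_clobbers() ? "yes" : "no");
    printf("checked paste refused and state intact: %s\n", demo_checked_refuses() ? "yes" : "no");
    return 0;
}
```

The checked variant rejects rather than truncates; silently truncating is also a valid policy, but rejecting is easier to reason about and makes the failure visible to the caller. Either way the length decision has to happen before any byte is written, which is exactly what the unsafe handler omits.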
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (1)
News mentions (0)
No linked articles in our index yet.