Several models of Emergency Alert System decoders, used to break into TV and radio broadcasts to announce public safety warnings, have vulnerabilities that would allow hackers to hijack them and deliver fake messages to the public, according to an announcement by a security firm on Monday.
The vulnerabilities included a private root SSH key that was distributed in publicly available firmware images that would have allowed an attacker with SSH access to a device to log in with root privileges and issue fake alerts or disable the system.
It’s a bit technical but the gist is that there were several vulnerabilities in the system. These require some fixes and update to the system. So, like with other white hat hackers, it was “harmless” and revealed some serious deficiencies that needed to be addressed.