Bug in FIFA World Cup internal system gave anyone ability to modify TV stream

A security researcher identified a critical vulnerability in FIFA's online platforms that granted unauthorized access to internal systems, including one capable of controlling the television stream for all World Cup matches. The researcher, who goes by the handle "Cyber’s Edge" on social media, detailed the flaw in a post on March 15, 2024, explaining that it stemmed from an issue within FIFA's content delivery network (CDN). This vulnerability, if exploited, could have allowed an attacker to modify or hijack the live broadcast of any World Cup game. Cyber's Edge stated that the flaw was not a simple misconfiguration but a deeper systemic issue within FIFA's infrastructure. The researcher responsibly disclosed the vulnerability to FIFA, which subsequently addressed the problem. The specific date of the fix was not immediately available, but the disclosure occurred this week. This incident highlights the ongoing cybersecurity challenges faced by major sporting organizations in protecting their digital infrastructure and broadcast integrity.