Ethical Hacker Flags Security Flaws in CBSE Digital Marking System

An ethical hacker has flagged serious security vulnerabilities in the Central Board of Secondary Education's new on-screen digital marking system ^[1].

The discovery comes as thousands of students challenge the integrity of their Class 12 board results following the implementation of the digital process. If the reported flaws are widespread, the legitimacy of national academic credentials could be compromised.

Arnav Singh, a 19-year-old ethical hacker, said, "Anyone could edit marks" ^[1]. Singh identified a critical weakness in the portal's authentication process. He said, "The OTP verification can be bypassed with a simple script, which is a serious security flaw" ^[2].

These technical concerns coincide with a significant decline in academic performance. The overall Class 12 pass percentage fell to 85.2% ^[3], compared to 88.39% the previous year ^[3]. This drop led more than 10,000 students to complain about their marks ^[1].

The controversy centers on the transition to a digital evaluation system. Many students reported unexpectedly low scores and questioned whether the new software accurately reflected their performance, or if it was susceptible to external interference.

In response to the vulnerabilities, a CBSE spokesperson said, "We are looking into the matter and have taken steps to secure the portal" ^[4]. The board has not yet detailed the specific patches applied to the system to prevent the script-based bypass of the one-time password verification.

Singh's findings suggest that the lack of robust security could allow unauthorized users to alter student grades, potentially leading to widespread academic fraud if not addressed immediately ^[2].