CBSE Addresses Security Vulnerability in Evaluation Portal The Central Board of Secondary Education (CBSE) has acknowledged a technical vulnerability in its digital evaluation portal, stating it is working to resolve the issue. The board confirmed it is monitoring the problem with its service provider, which manages the portal used to distribute scanned answer sheets to students. While CBSE did not specify the exact nature of the vulnerability, the announcement came after a user on the social media platform X claimed to have discovered a security flaw. The user, identified as a software engineer, shared screenshots alleging that the board stored scanned answer sheets and question papers for the 2026 board examinations on an unsecured Amazon Web Services (AWS) cloud storage bucket. According to the user, the lack of password protection allowed anyone to access and download the documents. The controversy gained further attention when former Union minister Jairam Ramesh posted on X, calling the situation a breach of privacy affecting 2 million students. Ramesh alleged that CBSE had manipulated the technical specifications in the request for proposal (RFP) for the digital evaluation project to favor COEMPT, the company contracted to handle the task. He also pointed out inconsistencies in the leaked answer sheets, such as folds and drop shadows, which he argued indicated the documents were scanned using mobile phones rather than dedicated scanning equipment. Ramesh further claimed that the third RFP omitted a requirement for robotic scanners, which could have improved the accuracy of the process. CBSE responded by thanking individuals and ethical hackers who brought the issue to light, stating that a team of cybersecurity experts had been deployed to address the vulnerabilities.#central_board_of_secondary_education #amazon_web_services #jairam_ramesh #coempt #onmark
