Details of VAR-201807-0127

ID

VAR-201807-0127

CVE

CVE-2016-9495

TITLE

Hughes satellite modems contain multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#614751

DESCRIPTION

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices. Hughes Network Systems, LLC Multiple broadband satellite modems offered by are vulnerable to the following multiple vulnerabilities: * Incorrect input value validation (CWE-20) - CVE-2016-9494 * Problems with hard-coded credentials (CWE-798) - CVE-2016-9495 * The problem of lack of authentication for important functions (CWE-306) - CVE-2016-9496 * Avoiding authentication through another channel or path (CWE-288) - CVE-2016-9497Denial of service operation of the device by a remote third party (DoS) An attack could be performed, the device could be restarted, or an arbitrary command could be executed on the device. Multiple denial-of-service vulnerabilities 2. A hard-coded credentials vulnerability 3. An authentication bypass vulnerability An attacker can exploit these issues to gain access to bypass certain security restrictions and obtain potentially sensitive information, perform unauthorized actions, or cause denial-of-service condition on the affected device. Other attacks are also possible. The following products are vulnerable: HN7740S DW7000 HN7000S/SM. Hughes satellite is a set of solutions for satellite broadband services from Hughes Corporation of the United States. HN7740S, DW7000 and HN7000S/SM are the modems used in it. The following products and versions are affected: Hughes HN7740S with firmware version 6.9.0.34; DW7000 with firmware version 6.9.0.34; HN7000S/SM with firmware version 6.9.0.34

Trust: 2.7

sources: NVD: CVE-2016-9495 // CERT/CC: VU#614751 // JVNDB: JVNDB-2016-008414 // BID: 96244 // VULHUB: VHN-98315

AFFECTED PRODUCTS

vendor:	hughes	model:	hn7000sm	scope:	eq	version:	6.9.0.34	Trust: 1.6
vendor:	hughes	model:	dw7000	scope:	eq	version:	6.9.0.34	Trust: 1.6
vendor:	hughes	model:	hn7000s	scope:	eq	version:	6.9.0.34	Trust: 1.6
vendor:	hughes	model:	hn7740s	scope:	eq	version:	6.9.0.34	Trust: 1.6
vendor:	hughes network	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	kontron s t	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	hughes network	model:	dw7000	scope:	-	version:	-	Trust: 0.8
vendor:	hughes network	model:	hn7000s/sm	scope:	-	version:	-	Trust: 0.8
vendor:	hughes network	model:	hn7740s	scope:	-	version:	-	Trust: 0.8
vendor:	hughes	model:	hn7740s	scope:	eq	version:	0	Trust: 0.3
vendor:	hughes	model:	hn7000s/sm	scope:	eq	version:	0	Trust: 0.3
vendor:	hughes	model:	dw7000	scope:	eq	version:	0	Trust: 0.3
vendor:	hughes	model:	hn7740s	scope:	ne	version:	6.9.0.34	Trust: 0.3
vendor:	hughes	model:	hn7000s/sm	scope:	ne	version:	6.9.0.34	Trust: 0.3
vendor:	hughes	model:	dw7000	scope:	ne	version:	6.9.0.34	Trust: 0.3

sources: CERT/CC: VU#614751 // BID: 96244 // JVNDB: JVNDB-2016-008414 // NVD: CVE-2016-9495 // CNNVD: CNNVD-201702-606

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2016-9495
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-201702-606
value:	HIGH
Trust: 0.6
VULHUB:	VHN-98315
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	6.4
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
VULHUB:	VHN-98315
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT_NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-98315 // NVD: CVE-2016-9495 // CNNVD: CNNVD-201702-606

PROBLEMTYPE DATA

problemtype:	CWE-798	Trust: 1.9
problemtype:	CWE-306	Trust: 0.8
problemtype:	CWE-288	Trust: 0.8
problemtype:	CWE-20	Trust: 0.8

sources: VULHUB: VHN-98315 // JVNDB: JVNDB-2016-008414 // NVD: CVE-2016-9495

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201702-606

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201702-606

CONFIGURATIONS

sources: NVD: CVE-2016-9495

PATCH

title:	Broadband Satellite Modems, Routers, and Appliances	url:	https://www.hughes.com/technologies/broadband-satellite-systems/hn-systems	Trust: 0.8
title:	Multiple Hughes satellite modems Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68209	Trust: 0.6

sources: JVNDB: JVNDB-2016-008414 // CNNVD: CNNVD-201702-606

EXTERNAL IDS

db:	CERT/CC	id:	VU#614751	Trust: 3.6
db:	NVD	id:	CVE-2016-9495	Trust: 2.8
db:	BID	id:	96244	Trust: 2.0
db:	JVN	id:	JVNVU93522863	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-008414	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-606	Trust: 0.7
db:	VULHUB	id:	VHN-98315	Trust: 0.1

sources: CERT/CC: VU#614751 // VULHUB: VHN-98315 // BID: 96244 // JVNDB: JVNDB-2016-008414 // NVD: CVE-2016-9495 // CNNVD: CNNVD-201702-606

REFERENCES

url:	https://www.kb.cert.org/vuls/id/614751	Trust: 2.5
url:	https://www.securityfocus.com/bid/96244	Trust: 1.7
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9495	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9496	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9497	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9494	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu93522863/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9497	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9494	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9495	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9496	Trust: 0.8
url:	http://www.hughes.com	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/614751	Trust: 0.3

sources: CERT/CC: VU#614751 // VULHUB: VHN-98315 // BID: 96244 // JVNDB: JVNDB-2016-008414 // NVD: CVE-2016-9495 // CNNVD: CNNVD-201702-606

CREDITS

anonymous

Trust: 0.3

sources: BID: 96244

SOURCES

db:	CERT/CC	id:	VU#614751
db:	VULHUB	id:	VHN-98315
db:	BID	id:	96244
db:	JVNDB	id:	JVNDB-2016-008414
db:	NVD	id:	CVE-2016-9495
db:	CNNVD	id:	CNNVD-201702-606

LAST UPDATE DATE

2023-12-18T12:50:39.265000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#614751	date:	2018-02-27T00:00:00
db:	VULHUB	id:	VHN-98315	date:	2019-10-09T00:00:00
db:	BID	id:	96244	date:	2017-03-07T04:02:00
db:	JVNDB	id:	JVNDB-2016-008414	date:	2017-05-17T00:00:00
db:	NVD	id:	CVE-2016-9495	date:	2019-10-09T23:20:32.490
db:	CNNVD	id:	CNNVD-201702-606	date:	2019-10-17T00:00:00

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#614751	date:	2017-02-15T00:00:00
db:	VULHUB	id:	VHN-98315	date:	2018-07-13T00:00:00
db:	BID	id:	96244	date:	2017-02-15T00:00:00
db:	JVNDB	id:	JVNDB-2016-008414	date:	2017-05-17T00:00:00
db:	NVD	id:	CVE-2016-9495	date:	2018-07-13T20:29:01.783
db:	CNNVD	id:	CNNVD-201702-606	date:	2017-02-20T00:00:00