ID

VAR-201910-0318


CVE

CVE-2019-9532


TITLE

Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal

Trust: 0.8

sources: CERT/CC: VU#719689

DESCRIPTION

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and gain access to the portal. CERT/CC researchers examined the satcom terminal Cobham EXPLORER 710 as an expansion of work from IOActive’s findings in 2014. Cobham EXPLORER 710 is a portable satellite communications terminal used for satellite communications and Internet access. Cobham EXPLORER 710 The following multiple vulnerabilities exist in. CVE-2019-9529 Of the product Web The interface does not require authentication in its default state. CVE-2019-9530 There are no access restrictions on the document root directory of the product. Therefore, arbitrary files may be accessed by an attacker within the local network. CVE-2019-9531 Of the product 5454/tcp without authenticating to the port telnet connection is possible and telnet After connecting, 86 kind of Attention (AT) It is possible to execute commands. CVE-2019-9533 Firmware of the product v1.08 and all previous versions, the same root A password is used. By analyzing any applicable version of the firmware, an attacker can root It is possible to steal passwords. CVE-2019-9534 This product does not perform firmware image verification. Additionally, a development script left in the firmware allows you to upload and run a custom firmware image. Therefore, attackers within the local network can install tampered firmware, modify or steal communication content, install backdoors, and disrupt service operations. (DoS) Attacks may occur. In addition CERT/CC According to WiFi Because the password is set as HTTP It lacks headers and is also vulnerable to cross-site scripting and clickjacking attacks. These vulnerabilities are 2014 carried out in IOActive ’ s findings As a series of studies on CERT/CC newly discovered by researchers.The potential impact will vary for each vulnerability, but you may be affected by: * Leakage or falsification of information - CVE-2019-9529 , CVE-2019-9530 , CVE-2019-9531 , CVE-2019-9532 , CVE-2019-9533 , CVE-2019-9534* Execute arbitrary command - CVE-2019-9531* Service operation interruption (DoS) - CVE-2019-9534

Trust: 3.06

sources: NVD: CVE-2019-9532 // CERT/CC: VU#719689 // JVNDB: JVNDB-2019-010367 // CNVD: CNVD-2019-35800 // IVD: ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268

IOT TAXONOMY

category:['IoT', 'ICS']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268 // CNVD: CNVD-2019-35800

AFFECTED PRODUCTS

vendor:cobhammodel:explorer 710scope:eqversion:1.07

Trust: 1.6

vendor:cobham plcmodel: - scope: - version: -

Trust: 0.8

vendor:cobham plcmodel:explorer 710scope:eqversion: -

Trust: 0.8

vendor:cobham plcmodel:explorer 710scope:eqversion:cobham explorer 710 firmware 1.07

Trust: 0.8

vendor:cobham plcmodel:explorer 710scope:lteversion:cobham explorer 710 firmware 1.08 and earlier

Trust: 0.8

vendor:cobhammodel:plc explorerscope:eqversion:7101.07

Trust: 0.6

vendor:cobhammodel:explorer 710scope:eqversion: -

Trust: 0.6

vendor:explorer 710model: - scope:eqversion:1.07

Trust: 0.2

sources: IVD: ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268 // CERT/CC: VU#719689 // CNVD: CNVD-2019-35800 // JVNDB: JVNDB-2019-010367 // CNNVD: CNNVD-201910-705 // NVD: CVE-2019-9532

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-9532
value: HIGH

Trust: 1.0

NVD: CVE-2019-9532
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-35800
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201910-705
value: HIGH

Trust: 0.6

IVD: ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2019-9532
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2019-9532
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2019-35800
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2019-9532
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-9532
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268 // CNVD: CNVD-2019-35800 // JVNDB: JVNDB-2019-010367 // CNNVD: CNNVD-201910-705 // NVD: CVE-2019-9532

PROBLEMTYPE DATA

problemtype:CWE-319

Trust: 1.0

problemtype:Lack of authentication for critical features (CWE-306) [NVD evaluation ]

Trust: 0.8

problemtype: others (CWE-Other) [NVD evaluation ]

Trust: 0.8

problemtype: Inappropriate authentication (CWE-287) [NVD evaluation ]

Trust: 0.8

problemtype: Sending important information in clear text (CWE-319) [NVD evaluation ]

Trust: 0.8

problemtype: Use hard-coded credentials (CWE-798) [NVD evaluation ]

Trust: 0.8

problemtype: Incomplete integrity verification of downloaded code (CWE-494) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2019-010367 // NVD: CVE-2019-9532

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201910-705

TYPE

other

Trust: 0.8

sources: IVD: ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268 // CNNVD: CNNVD-201910-705

PATCH

title:Ultra-Portable BGAN EXPLORER 710url:https://www.cobham.com/communications-and-connectivity/satcom/land-mobile-satcom-systems/ultra-portable-bgan/explorer-710/

Trust: 0.8

title:Patch for Cobham plc EXPLORER 710 has an unknown vulnerability (CNVD-2019-35800)url:https://www.cnvd.org.cn/patchInfo/show/185631

Trust: 0.6

title:Cobham plc EXPLORER 710 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99315

Trust: 0.6

sources: CNVD: CNVD-2019-35800 // JVNDB: JVNDB-2019-010367 // CNNVD: CNNVD-201910-705

EXTERNAL IDS

db:NVDid:CVE-2019-9532

Trust: 4.0

db:CERT/CCid:VU#719689

Trust: 3.2

db:CNVDid:CNVD-2019-35800

Trust: 0.8

db:CNNVDid:CNNVD-201910-705

Trust: 0.8

db:JVNid:JVNVU98031944

Trust: 0.8

db:JVNDBid:JVNDB-2019-010367

Trust: 0.8

db:IVDid:FFC2D02A-CC2F-43B4-A4C9-C45EF76A6268

Trust: 0.2

sources: IVD: ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268 // CERT/CC: VU#719689 // CNVD: CNVD-2019-35800 // JVNDB: JVNDB-2019-010367 // CNNVD: CNNVD-201910-705 // NVD: CVE-2019-9532

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2019-9532

Trust: 2.0

url:https://ioactive.com/pdfs/ioactive_satcom_security_whitepaper.pdf

Trust: 1.6

url:https://www.owasp.org/index.php/clickjacking

Trust: 1.6

url:https://www.owasp.org/index.php/content_security_policy

Trust: 1.6

url:https://kb.cert.org/vuls/id/719689/

Trust: 1.6

url:https://www.cobham.com/communications-and-connectivity/satcom/land-mobile-satcomsystems/ultra-portable-bgan/explorer-710/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu98031944/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9529

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9530

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9531

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9533

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9534

Trust: 0.8

url:https://www.kb.cert.org/vuls/id/719689/

Trust: 0.8

sources: CERT/CC: VU#719689 // CNVD: CNVD-2019-35800 // JVNDB: JVNDB-2019-010367 // CNNVD: CNNVD-201910-705 // NVD: CVE-2019-9532

SOURCES

db:IVDid:ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268
db:CERT/CCid:VU#719689
db:CNVDid:CNVD-2019-35800
db:JVNDBid:JVNDB-2019-010367
db:CNNVDid:CNNVD-201910-705
db:NVDid:CVE-2019-9532

LAST UPDATE DATE

2024-11-23T21:51:57.148000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#719689date:2019-10-11T00:00:00
db:CNVDid:CNVD-2019-35800date:2019-10-18T00:00:00
db:JVNDBid:JVNDB-2019-010367date:2024-03-05T08:16:00
db:CNNVDid:CNNVD-201910-705date:2019-10-21T00:00:00
db:NVDid:CVE-2019-9532date:2024-11-21T04:51:48.110

SOURCES RELEASE DATE

db:IVDid:ffc2d02a-cc2f-43b4-a4c9-c45ef76a6268date:2019-10-18T00:00:00
db:CERT/CCid:VU#719689date:2019-10-09T00:00:00
db:CNVDid:CNVD-2019-35800date:2019-10-18T00:00:00
db:JVNDBid:JVNDB-2019-010367date:2019-10-11T00:00:00
db:CNNVDid:CNNVD-201910-705date:2019-10-10T00:00:00
db:NVDid:CVE-2019-9532date:2019-10-10T20:15:11.410