ID
VAR-201910-0320
CVE
CVE-2019-9534
TITLE
Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal
Trust: 0.8
DESCRIPTION
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service. CERT/CC researchers examined the satcom terminal Cobham EXPLORER 710 as an expansion of work from IOActive’s findings in 2014. Cobham EXPLORER 710 is a portable satellite communications terminal used for satellite communications and Internet access. Cobham EXPLORER 710 The following multiple vulnerabilities exist in. CVE-2019-9529 Of the product Web The interface does not require authentication in its default state. Therefore, an attacker within the local network can Web The portal may be accessed and settings may be changed. CVE-2019-9530 There are no access restrictions on the document root directory of the product. Therefore, arbitrary files may be accessed by an attacker within the local network. CVE-2019-9531 Of the product 5454/tcp without authenticating to the port telnet connection is possible and telnet After connecting, 86 kind of Attention (AT) It is possible to execute commands. This could allow a remote attacker to access the device and execute these commands. CVE-2019-9532 Of the product Web The interface sends the password for login in clear text. Therefore, password information may be stolen by an attacker within the local network. CVE-2019-9533 Firmware of the product v1.08 and all previous versions, the same root A password is used. By analyzing any applicable version of the firmware, an attacker can root It is possible to steal passwords. Therefore, attackers within the local network can install tampered firmware, modify or steal communication content, install backdoors, and disrupt service operations. (DoS) Attacks may occur. In addition CERT/CC According to WiFi Because the password is set as HTTP It lacks headers and is also vulnerable to cross-site scripting and clickjacking attacks. These vulnerabilities are 2014 carried out in IOActive ’ s findings As a series of studies on CERT/CC newly discovered by researchers.The potential impact will vary for each vulnerability, but you may be affected by: * Leakage or falsification of information - CVE-2019-9529 , CVE-2019-9530 , CVE-2019-9531 , CVE-2019-9532 , CVE-2019-9533 , CVE-2019-9534* Execute arbitrary command - CVE-2019-9531* Service operation interruption (DoS) - CVE-2019-9534
Trust: 3.06
IOT TAXONOMY
| category: | ['IoT', 'ICS'] | sub_category: | - | Trust: 0.6 |
| category: | ['ICS'] | sub_category: | - | Trust: 0.2 |
AFFECTED PRODUCTS
| vendor: | cobham | model: | explorer 710 | scope: | eq | version: | 1.07 | Trust: 1.6 |
| vendor: | cobham plc | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cobham plc | model: | explorer 710 | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | cobham plc | model: | explorer 710 | scope: | eq | version: | cobham explorer 710 firmware 1.07 | Trust: 0.8 |
| vendor: | cobham plc | model: | explorer 710 | scope: | lte | version: | cobham explorer 710 firmware 1.08 and earlier | Trust: 0.8 |
| vendor: | cobham | model: | plc explorer | scope: | eq | version: | 7101.07 | Trust: 0.6 |
| vendor: | cobham | model: | explorer 710 | scope: | eq | version: | - | Trust: 0.6 |
| vendor: | explorer 710 | model: | - | scope: | eq | version: | 1.07 | Trust: 0.2 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-494 | Trust: 1.0 |
| problemtype: | Lack of authentication for critical features (CWE-306) [NVD evaluation ] | Trust: 0.8 |
| problemtype: | others (CWE-Other) [NVD evaluation ] | Trust: 0.8 |
| problemtype: | Inappropriate authentication (CWE-287) [NVD evaluation ] | Trust: 0.8 |
| problemtype: | Sending important information in clear text (CWE-319) [NVD evaluation ] | Trust: 0.8 |
| problemtype: | Use hard-coded credentials (CWE-798) [NVD evaluation ] | Trust: 0.8 |
| problemtype: | Incomplete integrity verification of downloaded code (CWE-494) [NVD evaluation ] | Trust: 0.8 |
THREAT TYPE
local
Trust: 0.6
TYPE
Code problem
Trust: 0.8
PATCH
| title: | Ultra-Portable BGAN EXPLORER 710 | url: | https://www.cobham.com/communications-and-connectivity/satcom/land-mobile-satcom-systems/ultra-portable-bgan/explorer-710/ | Trust: 0.8 |
| title: | Patch for Cobham plc EXPLORER 710 has an unknown vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/185627 | Trust: 0.6 |
| title: | Cobham plc EXPLORER 710 Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99317 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-9534 | Trust: 4.0 |
| db: | CERT/CC | id: | VU#719689 | Trust: 3.2 |
| db: | CNVD | id: | CNVD-2019-35798 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201910-707 | Trust: 0.8 |
| db: | JVN | id: | JVNVU98031944 | Trust: 0.8 |
| db: | JVNDB | id: | JVNDB-2019-010367 | Trust: 0.8 |
| db: | IVD | id: | B37781A8-AE4E-42C7-A32D-28E5F88BE4E6 | Trust: 0.2 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-9534 | Trust: 2.0 |
| url: | https://ioactive.com/pdfs/ioactive_satcom_security_whitepaper.pdf | Trust: 1.6 |
| url: | https://www.owasp.org/index.php/clickjacking | Trust: 1.6 |
| url: | https://www.owasp.org/index.php/content_security_policy | Trust: 1.6 |
| url: | https://kb.cert.org/vuls/id/719689/ | Trust: 1.6 |
| url: | https://www.cobham.com/communications-and-connectivity/satcom/land-mobile-satcomsystems/ultra-portable-bgan/explorer-710/ | Trust: 0.8 |
| url: | https://jvn.jp/vu/jvnvu98031944/ | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-9529 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-9530 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-9531 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-9532 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-9533 | Trust: 0.8 |
| url: | https://www.kb.cert.org/vuls/id/719689/ | Trust: 0.8 |
SOURCES
| db: | IVD | id: | b37781a8-ae4e-42c7-a32d-28e5f88be4e6 |
| db: | CERT/CC | id: | VU#719689 |
| db: | CNVD | id: | CNVD-2019-35798 |
| db: | JVNDB | id: | JVNDB-2019-010367 |
| db: | CNNVD | id: | CNNVD-201910-707 |
| db: | NVD | id: | CVE-2019-9534 |
LAST UPDATE DATE
2024-11-23T21:51:57.114000+00:00
SOURCES UPDATE DATE
| db: | CERT/CC | id: | VU#719689 | date: | 2019-10-11T00:00:00 |
| db: | CNVD | id: | CNVD-2019-35798 | date: | 2019-10-18T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-010367 | date: | 2024-03-05T08:16:00 |
| db: | CNNVD | id: | CNNVD-201910-707 | date: | 2019-10-17T00:00:00 |
| db: | NVD | id: | CVE-2019-9534 | date: | 2024-11-21T04:51:48.330 |
SOURCES RELEASE DATE
| db: | IVD | id: | b37781a8-ae4e-42c7-a32d-28e5f88be4e6 | date: | 2019-10-18T00:00:00 |
| db: | CERT/CC | id: | VU#719689 | date: | 2019-10-09T00:00:00 |
| db: | CNVD | id: | CNVD-2019-35798 | date: | 2019-10-18T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-010367 | date: | 2019-10-11T00:00:00 |
| db: | CNNVD | id: | CNNVD-201910-707 | date: | 2019-10-10T00:00:00 |
| db: | NVD | id: | CVE-2019-9534 | date: | 2019-10-10T20:15:11.537 |