Sign-up

ID

VAR-201910-1692


CVE

CVE-2019-9530


TITLE

Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal

Trust: 0.8

sources: CERT/CC: VU#719689

DESCRIPTION

The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory. CERT/CC researchers examined the satcom terminal Cobham EXPLORER 710 as an expansion of work from IOActive’s findings in 2014. Cobham EXPLORER 710 is a portable satellite communications terminal used for satellite communications and Internet access. Cobham EXPLORER 710 The following multiple vulnerabilities exist in. CVE-2019-9529 Of the product Web The interface does not require authentication in its default state. Therefore, an attacker within the local network can Web The portal may be accessed and settings may be changed. Therefore, arbitrary files may be accessed by an attacker within the local network. CVE-2019-9531 Of the product 5454/tcp without authenticating to the port telnet connection is possible and telnet After connecting, 86 kind of Attention (AT) It is possible to execute commands. CVE-2019-9532 Of the product Web The interface sends the password for login in clear text. Therefore, password information may be stolen by an attacker within the local network. CVE-2019-9533 Firmware of the product v1.08 and all previous versions, the same root A password is used. By analyzing any applicable version of the firmware, an attacker can root It is possible to steal passwords. CVE-2019-9534 This product does not perform firmware image verification. Additionally, a development script left in the firmware allows you to upload and run a custom firmware image. Therefore, attackers within the local network can install tampered firmware, modify or steal communication content, install backdoors, and disrupt service operations. (DoS) Attacks may occur. In addition CERT/CC According to WiFi Because the password is set as HTTP It lacks headers and is also vulnerable to cross-site scripting and clickjacking attacks. These vulnerabilities are 2014 carried out in IOActive ’ s findings As a series of studies on CERT/CC newly discovered by researchers.The potential impact will vary for each vulnerability, but you may be affected by: * Leakage or falsification of information - CVE-2019-9529 , CVE-2019-9530 , CVE-2019-9531 , CVE-2019-9532 , CVE-2019-9533 , CVE-2019-9534* Execute arbitrary command - CVE-2019-9531* Service operation interruption (DoS) - CVE-2019-9534

Trust: 3.15

sources: NVD: CVE-2019-9530 // CERT/CC: VU#719689 // JVNDB: JVNDB-2019-010367 // CNVD: CNVD-2019-35794 // IVD: 0299e974-5745-47e9-b854-d1fa1a6a0291 // VULHUB: VHN-160965

IOT TAXONOMY

category:['IoT', 'ICS']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 0299e974-5745-47e9-b854-d1fa1a6a0291 // CNVD: CNVD-2019-35794

AFFECTED PRODUCTS

vendor:cobhammodel:explorer 710scope:eqversion:1.07

Trust: 1.0

vendor:cobham plcmodel: - scope: - version: -

Trust: 0.8

vendor:cobham plcmodel:explorer 710scope:eqversion: -

Trust: 0.8

vendor:cobham plcmodel:explorer 710scope:eqversion:cobham explorer 710 firmware 1.07

Trust: 0.8

vendor:cobham plcmodel:explorer 710scope:lteversion:cobham explorer 710 firmware 1.08 and earlier

Trust: 0.8

vendor:cobhammodel:plc explorerscope:eqversion:7101.07

Trust: 0.6

vendor:explorer 710model: - scope:eqversion:1.07

Trust: 0.2

sources: IVD: 0299e974-5745-47e9-b854-d1fa1a6a0291 // CERT/CC: VU#719689 // CNVD: CNVD-2019-35794 // JVNDB: JVNDB-2019-010367 // NVD: CVE-2019-9530

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-9530
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-9530
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-35794
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201910-703
value: MEDIUM

Trust: 0.6

IVD: 0299e974-5745-47e9-b854-d1fa1a6a0291
value: MEDIUM

Trust: 0.2

VULHUB: VHN-160965
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-9530
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:C/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2019-9530
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2019-35794
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 0299e974-5745-47e9-b854-d1fa1a6a0291
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-160965
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:C/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-9530
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-9530
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 0299e974-5745-47e9-b854-d1fa1a6a0291 // CNVD: CNVD-2019-35794 // VULHUB: VHN-160965 // JVNDB: JVNDB-2019-010367 // CNNVD: CNNVD-201910-703 // NVD: CVE-2019-9530

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.0

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:Lack of authentication for critical features (CWE-306) [NVD evaluation ]

Trust: 0.8

problemtype: others (CWE-Other) [NVD evaluation ]

Trust: 0.8

problemtype: Inappropriate authentication (CWE-287) [NVD evaluation ]

Trust: 0.8

problemtype: Sending important information in clear text (CWE-319) [NVD evaluation ]

Trust: 0.8

problemtype: Use hard-coded credentials (CWE-798) [NVD evaluation ]

Trust: 0.8

problemtype: Incomplete integrity verification of downloaded code (CWE-494) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-200

Trust: 0.1

sources: VULHUB: VHN-160965 // JVNDB: JVNDB-2019-010367 // NVD: CVE-2019-9530

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201910-703

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201910-703

PATCH

title:Ultra-Portable BGAN EXPLORER 710url:https://www.cobham.com/communications-and-connectivity/satcom/land-mobile-satcom-systems/ultra-portable-bgan/explorer-710/

Trust: 0.8

title:Patch for Cobham plc EXPLORER 710 has an unknown vulnerability (CNVD-2019-35794)url:https://www.cnvd.org.cn/patchInfo/show/185635

Trust: 0.6

title:Cobham plc EXPLORER 710 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99313

Trust: 0.6

sources: CNVD: CNVD-2019-35794 // JVNDB: JVNDB-2019-010367 // CNNVD: CNNVD-201910-703

EXTERNAL IDS

db:NVDid:CVE-2019-9530

Trust: 4.1

db:CERT/CCid:VU#719689

Trust: 3.3

db:CNVDid:CNVD-2019-35794

Trust: 0.8

db:CNNVDid:CNNVD-201910-703

Trust: 0.8

db:JVNid:JVNVU98031944

Trust: 0.8

db:JVNDBid:JVNDB-2019-010367

Trust: 0.8

db:IVDid:0299E974-5745-47E9-B854-D1FA1A6A0291

Trust: 0.2

db:VULHUBid:VHN-160965

Trust: 0.1

sources: IVD: 0299e974-5745-47e9-b854-d1fa1a6a0291 // CERT/CC: VU#719689 // CNVD: CNVD-2019-35794 // VULHUB: VHN-160965 // JVNDB: JVNDB-2019-010367 // CNNVD: CNNVD-201910-703 // NVD: CVE-2019-9530

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2019-9530

Trust: 2.0

url:https://kb.cert.org/vuls/id/719689/

Trust: 1.7

url:https://ioactive.com/pdfs/ioactive_satcom_security_whitepaper.pdf

Trust: 1.6

url:https://www.owasp.org/index.php/clickjacking

Trust: 1.6

url:https://www.owasp.org/index.php/content_security_policy

Trust: 1.6

url:https://www.cobham.com/communications-and-connectivity/satcom/land-mobile-satcomsystems/ultra-portable-bgan/explorer-710/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu98031944/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9529

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9531

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9532

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9533

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-9534

Trust: 0.8

url:https://www.kb.cert.org/vuls/id/719689/

Trust: 0.8

sources: CERT/CC: VU#719689 // CNVD: CNVD-2019-35794 // VULHUB: VHN-160965 // JVNDB: JVNDB-2019-010367 // CNNVD: CNNVD-201910-703 // NVD: CVE-2019-9530

SOURCES

db:IVDid:0299e974-5745-47e9-b854-d1fa1a6a0291
db:CERT/CCid:VU#719689
db:CNVDid:CNVD-2019-35794
db:VULHUBid:VHN-160965
db:JVNDBid:JVNDB-2019-010367
db:CNNVDid:CNNVD-201910-703
db:NVDid:CVE-2019-9530

LAST UPDATE DATE

2024-11-23T21:51:57.183000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#719689date:2019-10-11T00:00:00
db:CNVDid:CNVD-2019-35794date:2019-10-18T00:00:00
db:VULHUBid:VHN-160965date:2019-10-16T00:00:00
db:JVNDBid:JVNDB-2019-010367date:2024-03-05T08:16:00
db:CNNVDid:CNNVD-201910-703date:2021-10-27T00:00:00
db:NVDid:CVE-2019-9530date:2024-11-21T04:51:47.880

SOURCES RELEASE DATE

db:IVDid:0299e974-5745-47e9-b854-d1fa1a6a0291date:2019-10-18T00:00:00
db:CERT/CCid:VU#719689date:2019-10-09T00:00:00
db:CNVDid:CNVD-2019-35794date:2019-10-18T00:00:00
db:VULHUBid:VHN-160965date:2019-10-10T00:00:00
db:JVNDBid:JVNDB-2019-010367date:2019-10-11T00:00:00
db:CNNVDid:CNNVD-201910-703date:2019-10-10T00:00:00
db:NVDid:CVE-2019-9530date:2019-10-10T20:15:11.270