PT-2014-4970 · Cobham · Cobham Sailor 900+1

Ruben Santamarta

Published

2014-08-15

Updated

2014-08-15

CVE-2014-2940

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF

Description The issue concerns hardcoded credentials for the administrator account in the affected satellite terminals. This allows attackers to gain administrative control by leveraging physical access or terminal access.

Recommendations For Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF, consider changing the hardcoded administrator credentials to unique, strong passwords as soon as possible to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2014-2940

Affected Products

Cobham Sailor 6000

Cobham Sailor 900

PT-2014-4970 · Cobham · Cobham Sailor 900+1

CVE-2014-2940

Related Identifiers

Affected Products

References · 2