Vulnerability-Lookup

CVE-2019-9534 (GCVE-0-2019-9534)

Vulnerability from cvelistv5 – Published: 2019-10-10 20:09 – Updated: 2024-09-17 00:15

Title

The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image

Summary

Severity ?

No CVSS data available.

CWE

CWE-494 - Download of Code Without Integrity Check

Assigner

certcc

References

URL

Tags

https://kb.cert.org/vuls/id/719689/

third-party-advisoryx_refsource_CERT-VN

Impacted products

	Vendor	Product	Version
	Cobham plc	Explorer 710	Affected: 1.07

Credits

This issue was found by Kyle O'Meara and David Belasco.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T21:54:44.413Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#719689",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://kb.cert.org/vuls/id/719689/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Explorer 710",
          "vendor": "Cobham plc",
          "versions": [
            {
              "status": "affected",
              "version": "1.07"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Kyle O\u0027Meara and David Belasco."
        }
      ],
      "datePublic": "2019-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-494",
              "description": "CWE-494 Download of Code Without Integrity Check",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-10T20:09:47",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "VU#719689",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://kb.cert.org/vuls/id/719689/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image",
      "x_generator": {
        "engine": "Vulnogram 0.0.8"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "DATE_PUBLIC": "2019-10-09T04:00:00.000Z",
          "ID": "CVE-2019-9534",
          "STATE": "PUBLIC",
          "TITLE": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Explorer 710",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "1.07",
                            "version_value": "1.07"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cobham plc"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Kyle O\u0027Meara and David Belasco."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.8"
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-494 Download of Code Without Integrity Check"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#719689",
              "refsource": "CERT-VN",
              "url": "https://kb.cert.org/vuls/id/719689/"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2019-9534",
    "datePublished": "2019-10-10T20:09:47.814464Z",
    "dateReserved": "2019-03-01T00:00:00",
    "dateUpdated": "2024-09-17T00:15:54.409Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADA493F5-3AA0-4A1E-81CD-1AE01B9BD4D8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cobham:explorer_710:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEF6DB4B-2304-4E4C-92A1-BAF622E39BF1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service.\"}, {\"lang\": \"es\", \"value\": \"El Cobham EXPLORER 710, versi\\u00f3n de firmware 1.07, no comprueba su imagen de firmware. Los scripts de desarrollo que quedan en el firmware pueden ser usados para cargar una imagen de firmware personalizada que ejecuta el dispositivo. Esto podr\\u00eda permitir a un atacante local no autenticado cargar su propio firmware que podr\\u00eda ser usado para interceptar o modificar el tr\\u00e1fico, falsificar o interceptar el tr\\u00e1fico GPS, filtrar datos privados, ocultar una backdoor o causar una denegaci\\u00f3n de servicio.\"}]",
      "id": "CVE-2019-9534",
      "lastModified": "2024-11-21T04:51:48.330",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-10-10T20:15:11.537",
      "references": "[{\"url\": \"https://kb.cert.org/vuls/id/719689/\", \"source\": \"cret@cert.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://kb.cert.org/vuls/id/719689/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "cret@cert.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cret@cert.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-494\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-494\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-9534\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2019-10-10T20:15:11.537\",\"lastModified\":\"2024-11-21T04:51:48.330\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service.\"},{\"lang\":\"es\",\"value\":\"El Cobham EXPLORER 710, versi\u00f3n de firmware 1.07, no comprueba su imagen de firmware. Los scripts de desarrollo que quedan en el firmware pueden ser usados para cargar una imagen de firmware personalizada que ejecuta el dispositivo. Esto podr\u00eda permitir a un atacante local no autenticado cargar su propio firmware que podr\u00eda ser usado para interceptar o modificar el tr\u00e1fico, falsificar o interceptar el tr\u00e1fico GPS, filtrar datos privados, ocultar una backdoor o causar una denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-494\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-494\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADA493F5-3AA0-4A1E-81CD-1AE01B9BD4D8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cobham:explorer_710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEF6DB4B-2304-4E4C-92A1-BAF622E39BF1\"}]}]}],\"references\":[{\"url\":\"https://kb.cert.org/vuls/id/719689/\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://kb.cert.org/vuls/id/719689/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}

VAR-201910-0320

Vulnerability from variot - Updated: 2024-03-18 22:14

The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service. CERT/CC researchers examined the satcom terminal Cobham EXPLORER 710 as an expansion of work from IOActive’s findings in 2014. Cobham EXPLORER 710 is a portable satellite communications terminal used for satellite communications and Internet access. Cobham EXPLORER 710 The following multiple vulnerabilities exist in. CVE-2019-9529 Of the product Web The interface does not require authentication in its default state. Therefore, an attacker within the local network can Web The portal may be accessed and settings may be changed. CVE-2019-9530 There are no access restrictions on the document root directory of the product. Therefore, arbitrary files may be accessed by an attacker within the local network. CVE-2019-9531 Of the product 5454/tcp without authenticating to the port telnet connection is possible and telnet After connecting, 86 kind of Attention (AT) It is possible to execute commands. This could allow a remote attacker to access the device and execute these commands. CVE-2019-9532 Of the product Web The interface sends the password for login in clear text. Therefore, password information may be stolen by an attacker within the local network. CVE-2019-9533 Firmware of the product v1.08 and all previous versions, the same root A password is used. By analyzing any applicable version of the firmware, an attacker can root It is possible to steal passwords. Therefore, attackers within the local network can install tampered firmware, modify or steal communication content, install backdoors, and disrupt service operations. (DoS) Attacks may occur. In addition CERT/CC According to WiFi Because the password is set as HTTP It lacks headers and is also vulnerable to cross-site scripting and clickjacking attacks. These vulnerabilities are 2014 carried out in IOActive ’ s findings As a series of studies on CERT/CC newly discovered by researchers.The potential impact will vary for each vulnerability, but you may be affected by: * Leakage or falsification of information - CVE-2019-9529 , CVE-2019-9530 , CVE-2019-9531 , CVE-2019-9532 , CVE-2019-9533 , CVE-2019-9534 Execute arbitrary command - CVE-2019-9531 Service operation interruption (DoS) - CVE-2019-9534

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-0320",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "explorer 710",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cobham",
        "version": "1.07"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cobham plc",
        "version": null
      },
      {
        "model": "explorer 710",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cobham plc",
        "version": null
      },
      {
        "model": "explorer 710",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cobham plc",
        "version": "cobham explorer 710  firmware    1.07"
      },
      {
        "model": "explorer 710",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "cobham plc",
        "version": "cobham explorer 710  firmware    1.08  and earlier"
      },
      {
        "model": "plc explorer",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cobham",
        "version": "7101.07"
      },
      {
        "model": "explorer 710",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cobham",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "explorer 710",
        "version": "1.07"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6"
      },
      {
        "db": "CERT/CC",
        "id": "VU#719689"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-9534"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cobham:explorer_710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-9534"
      }
    ]
  },
  "cve": "CVE-2019-9534",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2019-9534",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2019-35798",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-9534",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-9534",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-9534",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-35798",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201910-707",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-9534"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service. CERT/CC researchers examined the satcom terminal Cobham EXPLORER 710 as an expansion of work from IOActive\u2019s findings in 2014. Cobham EXPLORER 710 is a portable satellite communications terminal used for satellite communications and Internet access. Cobham EXPLORER 710 The following multiple vulnerabilities exist in. CVE-2019-9529 Of the product Web The interface does not require authentication in its default state. Therefore, an attacker within the local network can Web The portal may be accessed and settings may be changed. CVE-2019-9530 There are no access restrictions on the document root directory of the product. Therefore, arbitrary files may be accessed by an attacker within the local network. CVE-2019-9531 Of the product 5454/tcp without authenticating to the port telnet connection is possible and telnet After connecting, 86 kind of Attention (AT) It is possible to execute commands. This could allow a remote attacker to access the device and execute these commands. CVE-2019-9532 Of the product Web The interface sends the password for login in clear text. Therefore, password information may be stolen by an attacker within the local network. CVE-2019-9533 Firmware of the product v1.08 and all previous versions, the same root A password is used. By analyzing any applicable version of the firmware, an attacker can root It is possible to steal passwords. Therefore, attackers within the local network can install tampered firmware, modify or steal communication content, install backdoors, and disrupt service operations. (DoS) Attacks may occur. In addition CERT/CC According to WiFi Because the password is set as HTTP It lacks headers and is also vulnerable to cross-site scripting and clickjacking attacks. These vulnerabilities are 2014 carried out in IOActive \u2019 s findings As a series of studies on CERT/CC newly discovered by researchers.The potential impact will vary for each vulnerability, but you may be affected by: * Leakage or falsification of information - CVE-2019-9529 , CVE-2019-9530 , CVE-2019-9531 , CVE-2019-9532 , CVE-2019-9533 , CVE-2019-9534* Execute arbitrary command - CVE-2019-9531* Service operation interruption (DoS) - CVE-2019-9534",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-9534"
      },
      {
        "db": "CERT/CC",
        "id": "VU#719689"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      },
      {
        "db": "IVD",
        "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6"
      }
    ],
    "trust": 3.06
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-9534",
        "trust": 4.0
      },
      {
        "db": "CERT/CC",
        "id": "VU#719689",
        "trust": 3.2
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-707",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU98031944",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010367",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "B37781A8-AE4E-42C7-A32D-28E5F88BE4E6",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6"
      },
      {
        "db": "CERT/CC",
        "id": "VU#719689"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-9534"
      }
    ]
  },
  "id": "VAR-201910-0320",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      }
    ],
    "trust": 1.8
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT",
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      }
    ]
  },
  "last_update_date": "2024-03-18T22:14:34.893000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Ultra-Portable\u00a0BGAN\u00a0EXPLORER\u00a0710",
        "trust": 0.8,
        "url": "https://www.cobham.com/communications-and-connectivity/satcom/land-mobile-satcom-systems/ultra-portable-bgan/explorer-710/"
      },
      {
        "title": "Patch for Cobham plc EXPLORER 710 has an unknown vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/185627"
      },
      {
        "title": "Cobham plc EXPLORER 710 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99317"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-494",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of authentication for critical features (CWE-306) [NVD evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": " others (CWE-Other) [NVD evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": " Inappropriate authentication (CWE-287) [NVD evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": " Sending important information in clear text (CWE-319) [NVD evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": " Use hard-coded credentials (CWE-798) [NVD evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": " Incomplete integrity verification of downloaded code (CWE-494) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-9534"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9534"
      },
      {
        "trust": 1.6,
        "url": "https://ioactive.com/pdfs/ioactive_satcom_security_whitepaper.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://www.owasp.org/index.php/clickjacking"
      },
      {
        "trust": 1.6,
        "url": "https://www.owasp.org/index.php/content_security_policy"
      },
      {
        "trust": 1.6,
        "url": "https://kb.cert.org/vuls/id/719689/"
      },
      {
        "trust": 0.8,
        "url": "https://www.cobham.com/communications-and-connectivity/satcom/land-mobile-satcomsystems/ultra-portable-bgan/explorer-710/"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98031944/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9529"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9530"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9531"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9532"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9533"
      },
      {
        "trust": 0.8,
        "url": "https://www.kb.cert.org/vuls/id/719689/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#719689"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-9534"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6"
      },
      {
        "db": "CERT/CC",
        "id": "VU#719689"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-9534"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-18T00:00:00",
        "db": "IVD",
        "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "CERT/CC",
        "id": "VU#719689"
      },
      {
        "date": "2019-10-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      },
      {
        "date": "2019-10-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      },
      {
        "date": "2019-10-10T20:15:11.537000",
        "db": "NVD",
        "id": "CVE-2019-9534"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-11T00:00:00",
        "db": "CERT/CC",
        "id": "VU#719689"
      },
      {
        "date": "2019-10-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-35798"
      },
      {
        "date": "2024-03-05T08:16:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-010367"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      },
      {
        "date": "2024-02-15T21:20:26.287000",
        "db": "NVD",
        "id": "CVE-2019-9534"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#719689"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Code problem",
    "sources": [
      {
        "db": "IVD",
        "id": "b37781a8-ae4e-42c7-a32d-28e5f88be4e6"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-707"
      }
    ],
    "trust": 0.8
  }
}

GSD-2019-9534

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-9534

Aliases

CVE-2019-9534

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-9534",
    "description": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service.",
    "id": "GSD-2019-9534"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-9534"
      ],
      "details": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service.",
      "id": "GSD-2019-9534",
      "modified": "2023-12-13T01:23:47.031460Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "DATE_PUBLIC": "2019-10-09T04:00:00.000Z",
        "ID": "CVE-2019-9534",
        "STATE": "PUBLIC",
        "TITLE": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Explorer 710",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_name": "1.07",
                          "version_value": "1.07"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cobham plc"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "This issue was found by Kyle O\u0027Meara and David Belasco."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.8"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-494 Download of Code Without Integrity Check"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "VU#719689",
            "refsource": "CERT-VN",
            "url": "https://kb.cert.org/vuls/id/719689/"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*",
                    "matchCriteriaId": "ADA493F5-3AA0-4A1E-81CD-1AE01B9BD4D8",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:cobham:explorer_710:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DEF6DB4B-2304-4E4C-92A1-BAF622E39BF1",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service."
          },
          {
            "lang": "es",
            "value": "El Cobham EXPLORER 710, versi\u00f3n de firmware 1.07, no comprueba su imagen de firmware. Los scripts de desarrollo que quedan en el firmware pueden ser usados para cargar una imagen de firmware personalizada que ejecuta el dispositivo. Esto podr\u00eda permitir a un atacante local no autenticado cargar su propio firmware que podr\u00eda ser usado para interceptar o modificar el tr\u00e1fico, falsificar o interceptar el tr\u00e1fico GPS, filtrar datos privados, ocultar una backdoor o causar una denegaci\u00f3n de servicio."
          }
        ],
        "id": "CVE-2019-9534",
        "lastModified": "2024-02-15T21:20:26.287",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "integrityImpact": "COMPLETE",
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 10.0,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2019-10-10T20:15:11.537",
        "references": [
          {
            "source": "cret@cert.org",
            "tags": [
              "Third Party Advisory",
              "US Government Resource"
            ],
            "url": "https://kb.cert.org/vuls/id/719689/"
          }
        ],
        "sourceIdentifier": "cret@cert.org",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-494"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-494"
              }
            ],
            "source": "cret@cert.org",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

GHSA-367V-CJ33-9229

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2024-02-15 21:31

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-9534"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-494"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-10T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service.",
  "id": "GHSA-367v-cj33-9229",
  "modified": "2024-02-15T21:31:24Z",
  "published": "2022-05-24T16:58:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9534"
    },
    {
      "type": "WEB",
      "url": "https://kb.cert.org/vuls/id/719689"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2019-9534

Vulnerability from fkie_nvd - Published: 2019-10-10 20:15 - Updated: 2024-11-21 04:51

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	cret@cert.org	https://kb.cert.org/vuls/id/719689/	Third Party Advisory, US Government Resource
	af854a3a-2127-422b-91ae-364da2661108	https://kb.cert.org/vuls/id/719689/	Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	cobham	explorer_710_firmware	1.07
	cobham	explorer_710	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADA493F5-3AA0-4A1E-81CD-1AE01B9BD4D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cobham:explorer_710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF6DB4B-2304-4E4C-92A1-BAF622E39BF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service."
    },
    {
      "lang": "es",
      "value": "El Cobham EXPLORER 710, versi\u00f3n de firmware 1.07, no comprueba su imagen de firmware. Los scripts de desarrollo que quedan en el firmware pueden ser usados para cargar una imagen de firmware personalizada que ejecuta el dispositivo. Esto podr\u00eda permitir a un atacante local no autenticado cargar su propio firmware que podr\u00eda ser usado para interceptar o modificar el tr\u00e1fico, falsificar o interceptar el tr\u00e1fico GPS, filtrar datos privados, ocultar una backdoor o causar una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2019-9534",
  "lastModified": "2024-11-21T04:51:48.330",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-10T20:15:11.537",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://kb.cert.org/vuls/id/719689/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://kb.cert.org/vuls/id/719689/"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-494"
        }
      ],
      "source": "cret@cert.org",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-494"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2019-35798

Vulnerability from cnvd - Published: 2019-10-18

Title

Cobham plc EXPLORER 710存在未明漏洞

Description

Cobham plc EXPLORER 710是英国Cobham plc公司的一款便携式卫星终端设备。该产品主要提供卫星通信和互联网访问等功能。使用1.07版本固件的Cobham plc EXPLORER 710中存在安全漏洞，该漏洞源于程序没有验证固件的镜像。本地攻击者可利用该漏洞上传其自己的固件，拦截或修改流量，伪造或拦截GPS流量，设置后门或造成拒绝服务。

Severity

高

Patch Name

Cobham plc EXPLORER 710存在未明漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.cobham.com

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-9534

Impacted products

Name
Cobham plc EXPLORER 710 1.07

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-9534"
    }
  },
  "description": "Cobham plc EXPLORER 710\u662f\u82f1\u56fdCobham plc\u516c\u53f8\u7684\u4e00\u6b3e\u4fbf\u643a\u5f0f\u536b\u661f\u7ec8\u7aef\u8bbe\u5907\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u63d0\u4f9b\u536b\u661f\u901a\u4fe1\u548c\u4e92\u8054\u7f51\u8bbf\u95ee\u7b49\u529f\u80fd\u3002\n\n\u4f7f\u75281.07\u7248\u672c\u56fa\u4ef6\u7684Cobham plc EXPLORER 710\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u9a8c\u8bc1\u56fa\u4ef6\u7684\u955c\u50cf\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0a\u4f20\u5176\u81ea\u5df1\u7684\u56fa\u4ef6\uff0c\u62e6\u622a\u6216\u4fee\u6539\u6d41\u91cf\uff0c\u4f2a\u9020\u6216\u62e6\u622aGPS\u6d41\u91cf\uff0c\u8bbe\u7f6e\u540e\u95e8\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "by Kyle O\u0027Meara and David Belasco of the CERT Coordination Center of the Carnegie Mellon Software Engineering Institute",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.cobham.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-35798",
  "openTime": "2019-10-18",
  "patchDescription": "Cobham plc EXPLORER 710\u662f\u82f1\u56fdCobham plc\u516c\u53f8\u7684\u4e00\u6b3e\u4fbf\u643a\u5f0f\u536b\u661f\u7ec8\u7aef\u8bbe\u5907\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u63d0\u4f9b\u536b\u661f\u901a\u4fe1\u548c\u4e92\u8054\u7f51\u8bbf\u95ee\u7b49\u529f\u80fd\u3002\r\n\r\n\u4f7f\u75281.07\u7248\u672c\u56fa\u4ef6\u7684Cobham plc EXPLORER 710\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u9a8c\u8bc1\u56fa\u4ef6\u7684\u955c\u50cf\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0a\u4f20\u5176\u81ea\u5df1\u7684\u56fa\u4ef6\uff0c\u62e6\u622a\u6216\u4fee\u6539\u6d41\u91cf\uff0c\u4f2a\u9020\u6216\u62e6\u622aGPS\u6d41\u91cf\uff0c\u8bbe\u7f6e\u540e\u95e8\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cobham plc EXPLORER 710\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cobham plc EXPLORER 710 1.07"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-9534",
  "serverity": "\u9ad8",
  "submitTime": "2019-10-12",
  "title": "Cobham plc EXPLORER 710\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-9534 (GCVE-0-2019-9534)

VAR-201910-0320

GSD-2019-9534

GHSA-367V-CJ33-9229

FKIE_CVE-2019-9534

CNVD-2019-35798

Tags

Sightings

Nomenclature