cvelistv5 - cve-2013-2820

CVE-2013-2820 (GCVE-0-2013-2820)

Vulnerability from cvelistv5 – Published: 2014-01-15 16:00 – Updated: 2024-08-06 15:52

Summary

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.

Severity ?

No CVSS data available.

CWE

Assigner

icscert

References

URL

FKIE_CVE-2013-2820

Vulnerability from fkie_nvd - Published: 2014-01-15 16:08 - Updated: 2025-04-11 00:51

Severity ?

Summary

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.

References

URL	Tags
ics-cert@hq.dhs.gov	http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A	US Government Resource
ics-cert@hq.dhs.gov	http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
sierrawireless	raven_x_ev-do_firmware	4221_4.0.11.003
sierrawireless	raven_x_ev-do_firmware	4228_4.0.11.003
sierrawireless	airlink_mp_at\&t	-
sierrawireless	airlink_mp_at\&t_wifi	-
sierrawireless	airlink_mp_bell	-
sierrawireless	airlink_mp_bell_wifi	-
sierrawireless	airlink_mp_row	-
sierrawireless	airlink_mp_row_wifi	-
sierrawireless	airlink_mp_sprint	-
sierrawireless	airlink_mp_sprint_wifi	-
sierrawireless	airlink_mp_telus	-
sierrawireless	airlink_mp_telus_wifi	-
sierrawireless	airlink_mp_verizon	-
sierrawireless	airlink_mp_verizon_wifi	-
sierrawireless	pinpoint_x	-
sierrawireless	pinpoint_xt	-
sierrawireless	raven_x	-
sierrawireless	raven_x_ev-do	-
sierrawireless	raven_xe	-
sierrawireless	raven_xt	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sierrawireless:raven_x_ev-do_firmware:4221_4.0.11.003:*:*:*:*:*:*:*",
              "matchCriteriaId": "6598EB85-9308-4C86-B99A-86DBD10B2891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sierrawireless:raven_x_ev-do_firmware:4228_4.0.11.003:*:*:*:*:*:*:*",
              "matchCriteriaId": "54E7B1E7-CB00-4782-A43C-3FF5EEFE64D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_at\\\u0026t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53755BE2-114E-4653-AFC2-821B00EC4FFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_at\\\u0026t_wifi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBB741FE-9052-419A-B9D3-0884C2ACBDC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_bell:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "786A6F41-D31E-43C5-B8DD-DE067E9539B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_bell_wifi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A53D52-FEA3-4846-90D9-9F1798079EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_row:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6582EBFD-F674-4875-8C25-7C34A23C5D77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_row_wifi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB939927-FA4F-40FE-A0DD-FF07A7D632F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_sprint:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A8359A-F306-43F9-A493-A84E83392CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_sprint_wifi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1668778A-D804-4D84-9A31-F7EE54BD415A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_telus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4403EE5A-CE5F-44EC-B5C6-2374889D79FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_telus_wifi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF1FCBA7-05A8-4591-8A5E-E1BE168E15F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_verizon:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9093B6C-A10F-4149-BF20-F7732B4EE3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_mp_verizon_wifi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B52509FC-B6F6-4F3C-BC8E-E85684762C90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:pinpoint_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4227E6F-284F-4EDF-86CA-C4AD704C04AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:pinpoint_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07D5090-3307-4EAD-B4B4-1F0C72DE1638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:raven_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50D6F983-72E5-4DF7-9F09-06BDE2C17C18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:raven_x_ev-do:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BE2ACC6-8F72-43D2-8717-BE5B9D84D913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:raven_xe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0070BC42-877D-4B86-9F72-7241E104480A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sierrawireless:raven_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33F271D-81BD-4B66-9EF6-6BEFA9C775A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388."
    },
    {
      "lang": "es",
      "value": "El gateway Sierra Wireless AirLink Raven X EV-DO 4221_4.0.11.003 y 4228_4.0.11.003 permite a atacantes remotos reprogramar el firmware a trav\u00e9s de un ataque replay utilizando puertos UDP 17336 y 17388."
    }
  ],
  "id": "CVE-2013-2820",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-01-15T16:08:18.110",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ICSA-14-007-01B

Vulnerability from csaf_cisa - Published: 2014-10-10 06:00 - Updated: 2025-06-06 18:44

Summary

Sierra Wireless AirLink Raven X EV-DO Vulnerabilities (Update B)

Notes

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation.

Recommended Practices

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolating them from business networks.

Recommended Practices

When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices

CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-14-007-01B JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2014/icsa-14-007-01b.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-14-007-01B - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-007-01b"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      }
    ],
    "title": "Sierra Wireless AirLink Raven X EV-DO Vulnerabilities (Update B)",
    "tracking": {
      "current_release_date": "2025-06-06T18:44:19.916379Z",
      "generator": {
        "date": "2025-06-06T18:44:19.916314Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-14-007-01B",
      "initial_release_date": "2014-10-10T06:00:00.000000Z",
      "revision_history": [
        {
          "date": "2014-10-10T06:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        },
        {
          "date": "2025-06-06T18:44:19.916379Z",
          "legacy_version": "CSAF Conversion",
          "number": "2",
          "summary": "Advisory converted into a CSAF"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "4221_4.0.11.003|4228_4.0.11.003",
                "product": {
                  "name": "Sierra Wireless AirLink Raven X EV-DO: 4221_4.0.11.003|4228_4.0.11.003",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "AirLink Raven X EV-DO"
          }
        ],
        "category": "vendor",
        "name": "Sierra Wireless"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-2819",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Sierra Wireless has discontinued, but still supports the AirLink Raven X EV-DO product, and has provided mitigation suggestions in the following AirLink Raven Security Vulnerability report, dated May 28, 2014. This AirLink Product Notice may be downloaded directly at: (http://www.sierrawireless.com/Support/Downloads/AirLink/Raven_Series/AirLink_Raven_X_EV-DO.aspx)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.sierrawireless.com/Support/Downloads/AirLink/Raven_Series/AirLink_Raven_X_EV-DO.aspx"
        },
        {
          "category": "mitigation",
          "details": "Additional information and downloads can be found at: (http://www.sierrawireless.com/Support.aspx)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.sierrawireless.com/Support.aspx"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "baseScore": 9.3,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2013-2820",
      "cwe": {
        "id": "CWE-294",
        "name": "Authentication Bypass by Capture-replay"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Sierra Wireless has discontinued, but still supports the AirLink Raven X EV-DO product, and has provided mitigation suggestions in the following AirLink Raven Security Vulnerability report, dated May 28, 2014. This AirLink Product Notice may be downloaded directly at: (http://www.sierrawireless.com/Support/Downloads/AirLink/Raven_Series/AirLink_Raven_X_EV-DO.aspx)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.sierrawireless.com/Support/Downloads/AirLink/Raven_Series/AirLink_Raven_X_EV-DO.aspx"
        },
        {
          "category": "mitigation",
          "details": "Additional information and downloads can be found at: (http://www.sierrawireless.com/Support.aspx)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.sierrawireless.com/Support.aspx"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "baseScore": 10.0,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

GSD-2013-2820

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.

Aliases

CVE-2013-2820

Aliases

CVE-2013-2820

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-2820",
    "description": "The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.",
    "id": "GSD-2013-2820"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-2820"
      ],
      "details": "The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.",
      "id": "GSD-2013-2820",
      "modified": "2023-12-13T01:22:17.206591Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2013-2820",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf",
            "refsource": "CONFIRM",
            "url": "http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf"
          },
          {
            "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A",
            "refsource": "MISC",
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sierrawireless:raven_x_ev-do_firmware:4221_4.0.11.003:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:sierrawireless:raven_x_ev-do_firmware:4228_4.0.11.003:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_row:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_row_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_sprint:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_sprint_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_verizon:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_bell:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_telus:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_verizon_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:pinpoint_xt:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_at\\\u0026t:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_at\\\u0026t_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:raven_xt:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:raven_xe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:raven_x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_bell_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_telus_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:raven_x_ev-do:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:pinpoint_x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2013-2820"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf"
            },
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A",
              "refsource": "MISC",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-01-16T16:47Z",
      "publishedDate": "2014-01-15T16:08Z"
    }
  }
}

tid-407

Vulnerability from emb3d

Type

networking

Link

Show details on source website

Description

Threat actors may be able to replay a message to a device to cause an unwanted function, send an unwanted command, or gain access to privileged data. Message replaying can be used to bypass nonexistent or poorly designed authentication mechanisms lacking proper protections, such as a nonce or timestamp.

CWE

CWE-294: Authentication Bypass by Capture-replay (Base)

VAR-201401-0053

Vulnerability from variot - Updated: 2023-12-18 12:08

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388. AirLink Raven X EV-DO is a small 3G network smart modem. Allows remote attackers to exploit vulnerabilities to send specially crafted requests to the 17336/UDP and 17388/UDP ports to reprogram the device firmware image, bypassing authentication and unauthorized access to the device. Successful exploits may allow attackers to bypass authentication through a replay attack and perform unauthorized actions

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201401-0053",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "raven x ev-do",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sierrawireless",
        "version": "4228_4.0.11.003"
      },
      {
        "model": "raven x ev-do",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sierrawireless",
        "version": "4221_4.0.11.003"
      },
      {
        "model": "airlink mp verizon wifi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "pinpoint x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp row wifi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "raven xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "raven x ev-do",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "pinpoint xt",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp row",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "raven xt",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp at\\\u0026t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp telus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp telus wifi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp bell wifi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp sprint wifi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp at\\\u0026t wifi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "raven x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp verizon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp bell",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp sprint",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sierrawireless",
        "version": null
      },
      {
        "model": "airlink mp at\u0026t",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp at\u0026t wifi",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp bell",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp bell wifi",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp row",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp row wifi",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp sprint",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp sprint wifi",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp telus",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp telus wifi",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp verizon",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "airlink mp verizon wifi",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "pinpooint x",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "pinpooint xt",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "raven x",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "raven x ev-do",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "raven x ev-do",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sierra",
        "version": "4221_4.0.11.003"
      },
      {
        "model": "raven x ev-do",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sierra",
        "version": "4228_4.0.11.003"
      },
      {
        "model": "raven xe",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "raven xt",
        "scope": null,
        "trust": 0.8,
        "vendor": "sierra",
        "version": null
      },
      {
        "model": "wireless airlink raven ev-do 4221 4.0.11.003",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "sierra",
        "version": "x"
      },
      {
        "model": "wireless airlink raven ev-do 4228 4.0.11.003",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "sierra",
        "version": "x"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2820"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sierrawireless:raven_x_ev-do_firmware:4221_4.0.11.003:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:sierrawireless:raven_x_ev-do_firmware:4228_4.0.11.003:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_row:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_row_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_sprint:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_sprint_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_verizon:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_bell:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_telus:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_verizon_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:pinpoint_xt:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_at\\\u0026t:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_at\\\u0026t_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:raven_xt:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:raven_xe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:raven_x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_bell_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_mp_telus_wifi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:raven_x_ev-do:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:sierrawireless:pinpoint_x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-2820"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cimation",
    "sources": [
      {
        "db": "BID",
        "id": "64704"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-2820",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2013-2820",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-00188",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-62822",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-2820",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-00188",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201401-180",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-62822",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62822"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2820"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388. AirLink Raven X EV-DO is a small 3G network smart modem. Allows remote attackers to exploit vulnerabilities to send specially crafted requests to the 17336/UDP and 17388/UDP ports to reprogram the device firmware image, bypassing authentication and unauthorized access to the device. \nSuccessful exploits may allow attackers to bypass authentication through a replay attack and perform unauthorized actions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-2820"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "db": "BID",
        "id": "64704"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62822"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-2820",
        "trust": 3.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-007-01A",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "64704",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001185",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201401-180",
        "trust": 0.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-007-01",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-62822",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62822"
      },
      {
        "db": "BID",
        "id": "64704"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2820"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ]
  },
  "id": "VAR-201401-0053",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62822"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:08:54.409000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "AirLink RavenSecurity Vulnerability",
        "trust": 0.8,
        "url": "http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf"
      },
      {
        "title": "AirLink Raven X EV-DO Replay Security Vulnerability Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/42228"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-62822"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2820"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-007-01a"
      },
      {
        "trust": 1.7,
        "url": "http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2820"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2820"
      },
      {
        "trust": 0.6,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-007-01"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/64704"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62822"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2820"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62822"
      },
      {
        "db": "BID",
        "id": "64704"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2820"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-01-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "date": "2014-01-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-62822"
      },
      {
        "date": "2014-01-07T00:00:00",
        "db": "BID",
        "id": "64704"
      },
      {
        "date": "2014-01-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      },
      {
        "date": "2014-01-15T16:08:18.110000",
        "db": "NVD",
        "id": "CVE-2013-2820"
      },
      {
        "date": "2014-01-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-01-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "date": "2014-01-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-62822"
      },
      {
        "date": "2014-07-25T00:18:00",
        "db": "BID",
        "id": "64704"
      },
      {
        "date": "2014-01-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001185"
      },
      {
        "date": "2014-01-16T16:47:38.633000",
        "db": "NVD",
        "id": "CVE-2013-2820"
      },
      {
        "date": "2014-01-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "AirLink Raven X EV-DO Replay Security Bypass Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00188"
      },
      {
        "db": "BID",
        "id": "64704"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201401-180"
      }
    ],
    "trust": 0.6
  }
}

GHSA-82H4-8864-2938

Vulnerability from github – Published: 2022-05-17 04:54 – Updated: 2022-05-17 04:54

Details

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-2820"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-01-15T16:08:00Z",
    "severity": "HIGH"
  },
  "details": "The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.",
  "id": "GHSA-82h4-8864-2938",
  "modified": "2022-05-17T04:54:36Z",
  "published": "2022-05-17T04:54:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2820"
    },
    {
      "type": "WEB",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A"
    },
    {
      "type": "WEB",
      "url": "http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-2820 (GCVE-0-2013-2820)

FKIE_CVE-2013-2820

ICSA-14-007-01B

GSD-2013-2820

tid-407

Vulnerability from emb3d

VAR-201401-0053

GHSA-82H4-8864-2938

Tags

Sightings

Nomenclature