exploitDog

CVE-2014-0327

Опубликовано: 17 авг. 2014

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

The Terminal Upgrade Tool in the Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allows remote attackers to execute arbitrary code by uploading new firmware to TCP port 54321.

Комментарий

CWE-306: Missing Authentication for Critical Function

Ссылки

http://www.kb.cert.org/vuls/id/578598
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/578598
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:iridium:open_port:-:*:*:*:*:*:*:*

cpe:2.3:h:iridium:pilot_below_deck_equipment:-:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01279

Низкий

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-v824-6qgw-5mhr

github

больше 3 лет назад

The Terminal Upgrade Tool in the Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allows remote attackers to execute arbitrary code by uploading new firmware to TCP port 54321.

EPSS

Процентиль: 79%

0.01279

Низкий

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other