Friday, December 6, 2024
HomeCVE/vulnerabilityMultiple Vulnerabilities Found in Satellite Internet Access Terminal Let Hackers Intercept the...

Multiple Vulnerabilities Found in Satellite Internet Access Terminal Let Hackers Intercept the GPS Traffic

Published on

SIEM as a Service

Researchers from CERT/CC discovered multiple vulnerabilities in Satcom terminal Cobham EXPLORER 710 that affects both firmware and device.

The vulnerabilities allow hackers to perform several attacks such as intercept the traffic, remotely execute the command, implant and hide a backdoor, DoS Attack, exfiltrate the sensitive data and more

Cobham EXPLORER 710 is a satellite telecommunication terminal, the device provides you internet access through satellite and various feature including the fastest on-demand video streaming via satellite.

- Advertisement - SIEM as a Service

The Terminal used in various sectors including space systems, Commercial aerospace, Maritime SATCOM, Land and Air defense for Military, Fighter jets and more.

EXPLORER 710 is also a highly sophisticated communication tool that provides IP streaming rates of 1 Mbps or even higher via an ethernet connection.

Cobham EXPLORER 710 provides communication interfaces including 2 x Ethernet, USB, WLAN 802.11 a/b/g, Digital I/O, Bluetooth and also the terminal is capable of providing Internet, Email, Phone, VoIP, FTP, FoIP (Fax), SMS Text, Video Streaming via satellite.

There are 6 severe vulnerabilities found in Cobham EXPLORER 710, and all the vulnerabilities affect the firmware version 1.07.

  • CVE-2019-9529 – Authentication Failure
  • CVE-2019-9530 – Unrestricted Directory Access
  • CVE-2019-9531 – Authentication Failure
  • CVE-2019-9532 – Plan text Data Exchange
  • CVE-2019-9533 – Default Login Credentials
  • CVE-2019-9534 – Validate Failure

CVE-2019-9529 – Authentication Failure

An authentication failure vulnerability resides in the web application portal let unauthenticated attackers gain the portal access and perform any changes to the device.

CVE-2019-9530 – Unrestricted Directory Access

An unrestricted directory Access vulnerability found in webroot directory that contains no access restrictions and is allows local attackers to perform read, write and download any files from the Web root directory.

CVE-2019-9531 – Authentication Failure

Another Authentication failure vulnerability found in Cobham EXPLORER 710 Satcom terminal web application portal allows attackers to perform unauthenticated access to port 5454 on the device.

” This could allow an unauthenticated, remote attacker to connect to this port via Telnet and execute 86 Attention (AT) commands, including some that provide unauthenticated, shell-like access to the device.”

CVE-2019-9532 – Plan text Data Exchange

A vulnerability found in web application portal that passing the login password in cleartext that allows a local attacker to intercept the traffic and gain complete control of the portal.

CVE-2019-9533 – Default Login Credentials

The device contains the root password that is the same for all versions of firmware up to and including v1.08.

By having the default root password, devices are highly vulnerable to attackers who could possibly reverse-engineer the password in all the available versions to gain complete unauthenticated device access.

CVE-2019-9534 – Validate Failure

Due to validation failure, the device does not validate its firmware image, and the Development scripts left in the firmware can be used to upload a custom firmware image that the device runs.

The vulnerability allows attackers to upload their own firmware image and  intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service. CERT/CC researchers said.

Along with the above-mentioned flaws, researchers also discovered the missing of important security headers, which are highly dangerous for the device and it is vulnerable to cross-site scripting and clickjacking

The CERT/CC said that they are currently unaware of a practical solution to these problems.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication

Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to...

Sophisticated Celestial Stealer Targets Browsers to Steal Login Credentials

Researchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication

Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to...