BID:69141

Cobham Sailor Satellite Terminals CVE-2014-2940 Hardcoded Credentials Security Bypass Vulnerability

Info

Cobham Sailor Satellite Terminals CVE-2014-2940 Hardcoded Credentials Security Bypass Vulnerability

Bugtraq ID:	69141
Class:	Design Error
CVE:	CVE-2014-2940
Remote:	Yes
Local:	No
Published:	Aug 07 2014 12:00AM
Updated:	Aug 07 2014 12:00AM
Credit:	Ruben Santamarta
Vulnerable:	Cobham plc Sailor 900 Series 1.08 MFHF / 2.11 VHF Cobham plc Sailor 6000 Series 1.08 MFHF / 2.11 VHF

Not Vulnerable:

Exploit / POC

Cobham Sailor Satellite Terminals CVE-2014-2940 Hardcoded Credentials Security Bypass Vulnerability

An attacker can carry out this attack using readily available network utilities.

Solution / Fix

Cobham Sailor Satellite Terminals CVE-2014-2940 Hardcoded Credentials Security Bypass Vulnerability

Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

Cobham Sailor Satellite Terminals CVE-2014-2940 Hardcoded Credentials Security Bypass Vulnerability

References:

Cobham Sailor Homepage (Cobham plc)
Cobham Sailor satellite terminals contain hardcoded credentials (CERT)