Lucene search

[email protected]CVE-2014-0327

HistoryAug 17, 2014 - 11:55 p.m.

CVE-2014-0327

2014-08-1723:55:04

[email protected]

web.nvd.nist.gov

cve-2014-0327

terminal upgrade tool

bde

openport

iridium satellite terminals

remote code execution

firmware upload

tcp port 54321

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.7%

JSON

The Terminal Upgrade Tool in the Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allows remote attackers to execute arbitrary code by uploading new firmware to TCP port 54321.

Affected configurations

NVD

Node

iridiumopen_portMatch-

iridiumpilot_below_deck_equipmentMatch-

CPENameOperatorVersion
iridium:open_portiridium open porteq-
iridium:pilot_below_deck_equipmentiridium pilot below deck equipmenteq-

CPE	Name	Operator	Version
iridium:open_port	iridium open port	eq	-
iridium:pilot_below_deck_equipment	iridium pilot below deck equipment	eq	-

References

www.kb.cert.org/vuls/id/578598

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for CVE-2014-0327

prion1 nvd1 cvelist1 cert1