34 matches found
EUVD-2014-2964
Malware in sbrugna...
EUVD-2013-5865
Malware in sbrugna...
EUVD-2013-5864
Malware in sbrugna...
Nuclear Satcoms
The Fukushima Daiichi nuclear incident in 2011 has led to safety changes that may have an interesting knock-on effect on reactor security. Loss of telemetry during the flooding, as a result of the subsequent loss of power, made assessment of the incident hard to manage. Critical data about the...
Hacking train passenger Wi-Fi
After speaking about Wi-Fi security at a rail industry conference last week, it struck me that very insecure passenger networks are making their way on to trains. So, here’s a quick check list for making sure your pax Wi-Fi network is secure. Similar checks could be applied to your guest network ...
CVE-2014-2942
Cobham Aviator 700D and 700E satellite terminals use an improper algorithm for PIN codes, which makes it easier for attackers to obtain a privileged terminal session by calculating the superuser code, and then leveraging physical access or terminal access to enter this code...
CVE-2014-2942
Cobham Aviator 700D/700E satellite terminals are affected by CVE-2014-2942 due to use of a broken/risky cryptographic algorithm to generate PINs. This enables a local, unauthenticated attacker to calculate a superuser PIN and gain full control of the terminal, given physical access or access to t...
CVE-2014-0326
The Pilot Below Deck Equipment BDE and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface...
CVE-2014-0327
The Terminal Upgrade Tool in the Pilot Below Deck Equipment BDE and OpenPort implementations on Iridium satellite terminals allows remote attackers to execute arbitrary code by uploading new firmware to TCP port 54321...
Hardcoded credentials
The Pilot Below Deck Equipment BDE and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface...
Code injection
The Terminal Upgrade Tool in the Pilot Below Deck Equipment BDE and OpenPort implementations on Iridium satellite terminals allows remote attackers to execute arbitrary code by uploading new firmware to TCP port 54321...
CVE-2014-0327
CVE-2014-0327 affects Iridium Pilot BDE and OpenPort on Iridium terminals. The vulnerability stems from an unauthenticated firmware upgrade tool accessible via TCP port 54321, allowing remote attackers to upload firmware and execute arbitrary code, potentially gaining privileged access. Publicly,...
CVE-2014-0326
The Pilot Below Deck Equipment BDE and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface...
CVE-2014-0326
CVE-2014-0326 affects Iridium Pilot BDE (Below Deck Equipment) and OpenPort devices, where the web interface exposes hardcoded administrator credentials. The root cause is hardcoded credentials (CWE-798) and an insecure protocol that allows unauthenticated remote access to privileged functions (C...
CVE-2014-2940
Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have hardcoded credentials for the administrator account, which allows attackers to obtain administrative control by leveraging physical access or terminal access...
CVE-2014-2941
Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials...
Hardcoded credentials
Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the 1 debug, 2 prod, 3 do160, and 4 flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line...
Hardcoded credentials
Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have hardcoded credentials for the administrator account, which allows attackers to obtain administrative control by leveraging physical access or terminal access...
Hardcoded credentials
Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials...
CVE-2014-2941
Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials...