Cobham: >> Sailor 6222 Vhf Security Vulnerabilities
The thraneLINK protocol implementation on Cobham devices does not verify firmware signatures, which allows attackers to execute arbitrary code by leveraging physical access or terminal access to send an SNMP request and a TFTP response.
CVSS Score
9.3
EPSS Score
0.003
Published
2014-08-15
Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have hardcoded credentials for the administrator account, which allows attackers to obtain administrative control by leveraging physical access or terminal access.
CVSS Score
10.0
EPSS Score
0.003
Published
2014-08-15
Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials.
CVSS Score
7.1
EPSS Score
0.015
Published
2014-08-15