Vulnerability Note VU#269991
Cobham Sailor 6000 series satellite terminal contain hardcoded credentials
Cobham Sailor 6000 series satellite terminals contain hardcoded credentials for communicating via the Tbus 2 protocol.
Note: this is a different vulnerability from VU#460687
CWE-798: Use of Hard-coded Credentials
An unauthenticated attacker may be able to send arbitrary Tbus 2 commands to the terminal, affecting the operation of the system.
The CERT/CC is currently unaware of a practical solution to this problem.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Cobham plc||Affected||14 Jan 2014||28 Jul 2014|
CVSS Metrics (Learn More)
Thanks to Ruben Santamarta for reporting this vulnerability.
This document was written by Chris King.
- CVE IDs: CVE-2014-2941
- Date Public: 07 Aug 2014
- Date First Published: 07 Aug 2014
- Date Last Updated: 13 Aug 2014
- Document Revision: 9
If you have feedback, comments, or additional information about this vulnerability, please send us email.