Maritime Communications Vulnerability

Tuesday, February 3, 2015 @ 03:02 PM gHale

There is a public report of a remote exploit vulnerability with proof-of-concept (PoC) exploit code affecting Cobham Sailor 900 VSAT, maritime satellite broadband product, according to a report on ICS-CERT.

According to this report, an attacker may use this vulnerability to remotely bypass administrative passwords. The report released without coordination with either the vendor or ICS-CERT.

Honeywell Updates HART DTM Vulnerability
Schneider Mitigates Buffer Overflow
Magnetrol Integrates HART DTM Update
Update on HART DTM Vulnerability

ICS-CERT is reaching out to the affected vendor of the report and has asked the vendor to confirm the vulnerability and identify mitigations. ICS-CERT is issuing this alert to provide early notice of the report.

The report included buffer overflow vulnerability details that allows for remote code execution and PoC exploit code.

The vendor’s product information indicates this product sees use for broadband maritime communications. The vulnerability does not appear to affect navigation.

Leave a Reply

You must be logged in to post a comment.