CVE-2014-2941
UnknownEPSS 1.97%
Last modified
CVE-2014-2941 is a vulnerability of currently unknown severity. Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials.. EPSS estimates a 1.97% chance of exploitation in the next 30 days.
Description
Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cobham | Ailor 6110 Mini-C Gmdss | All versions |
| Cobham | Sailor 6006 Message Terminal | All versions |
| Cobham | Sailor 6222 Vhf | All versions |
| Cobham | Sailor 6300 Mf \/ Hf | All versions |
References
- http://www.kb.cert.org/vuls/id/269991Third Party Advisory, US Government Resource
- http://www.kb.cert.org/vuls/id/269991Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-2941?
Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials.
How severe is CVE-2014-2941?
Severity scoring for CVE-2014-2941 is pending analysis. The EPSS model estimates a 1.97% probability of exploitation in the next 30 days.
How do I fix CVE-2014-2941?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2014-2941?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST