CVE-2014-2964
UnknownEPSS 0.49%
Last modified
CVE-2014-2964 is a vulnerability of currently unknown severity. Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the (1) debug, (2) prod, (3) do160, and (4) flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line.. EPSS estimates a 0.49% chance of exploitation in the next 30 days.
Description
Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the (1) debug, (2) prod, (3) do160, and (4) flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cobham | Aviator 700d | All versions |
| Cobham | Aviator 700e | All versions |
References
- http://www.kb.cert.org/vuls/id/882207Third Party Advisory, US Government Resource
- http://www.kb.cert.org/vuls/id/882207Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-2964?
Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the (1) debug, (2) prod, (3) do160, and (4) flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line.
How severe is CVE-2014-2964?
Severity scoring for CVE-2014-2964 is pending analysis. The EPSS model estimates a 0.49% probability of exploitation in the next 30 days.
How do I fix CVE-2014-2964?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2014-2964?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST