Vulnerability CVE-2013-2819


Published: 2014-01-15

Description:
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.

Type: CWE-255 (Credentials Management)

Vendor: Sierrawireless
Product: Raven x ev-do firmware 
Version: 4228_4.0.11.003; 4221_4.0.11.003;
Product: Airlink mp row wifi 
Product: Airlink mp at&t 
Product: Raven xt 
Product: Pinpoint x 
Product: Airlink mp sprint wifi 
Product: Airlink mp bell 
Product: Raven x 
Product: Airlink mp telus wifi 
Product: Airlink mp row 
Product: Raven xe 
Product: Airlink mp verizon wifi 
Product: Airlink mp sprint 
Product: Airlink mp at&t wifi 
Product: Pinpoint xt 
Product: Airlink mp telus 
Product: Airlink mp bell wifi 
Product: Raven x ev-do 
Product: Airlink mp verizon 

CVSS2 vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: None required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

References:
http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A
http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf

Related CVE
CVE-2017-9247
Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID < 4657 allow local users to launch processes with elevated privileges.
CVE-2016-5071
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.
CVE-2016-5068
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
CVE-2016-5069
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
CVE-2016-5070
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
CVE-2016-5065
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
CVE-2016-5066
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
CVE-2016-5067
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.

Copyright 2019, cxsecurity.com