Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2019-9534 | First vendor Publication | 2019-10-10 |
Vendor | Cve | Last vendor Modification | 2024-02-15 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.8 | ||
Base Score | 7.8 | Environmental Score | 7.8 |
impact SubScore | 5.9 | Temporal Score | 7.8 |
Exploitabality Sub Score | 1.8 | ||
Attack Vector | Local | Attack Complexity | Low |
Privileges Required | Low | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9534 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-494 | Download of Code Without Integrity Check (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 |
Sources (Detail)
Source | Url |
---|---|
CERT-VN | https://kb.cert.org/vuls/id/719689/ |
Alert History
Date | Informations |
---|---|
2024-02-16 05:28:08 |
|
2020-05-23 02:34:21 |
|
2019-10-11 17:21:11 |
|
2019-10-11 05:20:45 |
|