Vulnerabilities > CVE-2014-2942 - Credentials Management vulnerability in Cobham Aviator 700D and Aviator 700E

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

cobham

CWE-255

NVD

Published: 2014-09-22

Updated: 2014-09-22

Summary

Cobham Aviator 700D and 700E satellite terminals use an improper algorithm for PIN codes, which makes it easier for attackers to obtain a privileged terminal session by calculating the superuser code, and then leveraging physical access or terminal access to enter this code.

Vulnerable Configurations

Part	Description	Count
Hardware	Cobham Cobham Aviator 700D - Cobham Aviator 700E -	2

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://www.kb.cert.org/vuls/id/882207