CVE-2014-2964 : Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the (1) debug, (2) prod, (3) do160, and (4

Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the (1) debug, (2) prod, (3) do160, and (4) flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line.

Published 2014-08-15 11:15:43

Updated 2014-08-15 17:38:55

Source CERT/CC

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2014-2964

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2014-2964

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.9	MEDIUM	AV:L/AC:M/Au:N/C:C/I:C/A:C	3.4	10.0	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2014-2964

http://www.kb.cert.org/vuls/id/882207

VU#882207 - Cobham Aviator satellite terminals contain multiple vulnerabilities
Third Party Advisory;US Government Resource

CVEs referencing this url

Products affected by CVE-2014-2964

Cobham » Aviator 700d » Version: N/A
cpe:2.3:h:cobham:aviator_700d:-:*:*:*:*:*:*:*
Matching versions
Cobham » Aviator 700e » Version: N/A
cpe:2.3:h:cobham:aviator_700e:-:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2014-2964

Exploit prediction scoring system (EPSS) score for CVE-2014-2964

CVSS scores for CVE-2014-2964

References for CVE-2014-2964

Products affected by CVE-2014-2964