CVE-2014-0327

The Terminal Upgrade Tool in the Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allows remote attackers to execute arbitrary code by uploading new firmware to TCP port 54321.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.kb.cert.org/vuls/id/578598	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/578598	Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:iridium:open_port:-:::::::*
	cpe:2.3:h:iridium:pilot_below_deck_equipment:-:::::::*

History

21 Nov 2024, 02:01

Type	Values Removed	Values Added
References	~~() http://www.kb.cert.org/vuls/id/578598 - Third Party Advisory, US Government Resource~~	() http://www.kb.cert.org/vuls/id/578598 - Third Party Advisory, US Government Resource

Information

Published : 2014-08-17 23:55

Updated : 2025-04-12 10:46

NVD link : CVE-2014-0327

Mitre link : CVE-2014-0327

CVE.ORG link : CVE-2014-0327

JSON object : View

Products Affected

iridium

pilot_below_deck_equipment
open_port

CWE

NVD-CWE-Other

9.3 /10