Broadband satellite terminals using Iridium Pilot and OpenPort have been
found to contain undocumented hardcoded login credentials (CWE-798).
Additionally, these broadband satellite terminals utilize an insecure
proprietary communications protocol that allows unauthenticated users to
perform privileged operations on the devices (CWE-306)
A remote unauthenticated attacker may be able to gain privileged access
to the device. Additionally, a remote unauthenticated attacker may be
able to execute arbitrary code on the device.
No comments:
Post a Comment