CVE-2013-2819
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD
Description
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.
Affected (20)
Products: Sierrawireless: Raven X Ev Do Firmware, Airlink Mp At&t, Airlink Mp At&t Wifi, Airlink Mp Bell, Airlink Mp Bell Wifi, Airlink Mp Row, Airlink Mp Row Wifi, Airlink Mp Sprint, Airlink Mp Sprint Wifi, Airlink Mp Telus, Airlink Mp Telus Wifi, Airlink Mp Verizon, Airlink Mp Verizon Wifi, Pinpoint X, Pinpoint Xt, Raven X, Raven X Ev Do, Raven Xe, Raven Xt
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4221_4.0.11.003 | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions |
Related CWEs
References (4)
Source: ics-cert@hq.dhs.gov
US Government Resource
Source: ics-cert@hq.dhs.gov
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.