← Back

CVE-2013-2820

nvd nist
Published: Jan 15, 2014Modified: Apr 29, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.

Affected (20)

Sierrawireless
19 products
Raven X Ev Do Firmware
Airlink Mp At&t
Airlink Mp At&t Wifi
Airlink Mp Bell
Airlink Mp Bell Wifi
Airlink Mp Row
Airlink Mp Row Wifi
Airlink Mp Sprint
Airlink Mp Sprint Wifi
Airlink Mp Telus
Airlink Mp Telus Wifi
Airlink Mp Verizon
Airlink Mp Verizon Wifi
Pinpoint X
Pinpoint Xt
Raven X
Raven X Ev Do
Raven Xe
Raven Xt
Configuration A
20 vulnerable
Vulnerable SoftwareAffected Versions
Sierrawireless
Raven X Ev Do Firmware
Version 4221_4.0.11.003
Raven X Ev Do Firmware
Version 4228_4.0.11.003
Airlink Mp At&t
All versions
Airlink Mp At&t Wifi
All versions
Airlink Mp Bell
All versions
Airlink Mp Bell Wifi
All versions
Airlink Mp Row
All versions
Airlink Mp Row Wifi
All versions
Airlink Mp Sprint
All versions
Airlink Mp Sprint Wifi
All versions
Airlink Mp Telus
All versions
Airlink Mp Telus Wifi
All versions
Airlink Mp Verizon
All versions
Airlink Mp Verizon Wifi
All versions
Pinpoint X
All versions
Pinpoint Xt
All versions
Raven X
All versions
Raven X Ev Do
All versions
Raven Xe
All versions
Raven Xt
All versions

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

Source: ics-cert@hq.dhs.gov
US Government Resource
Source: ics-cert@hq.dhs.gov
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.