CVE-2019-16320 — MEDIUM (5.3)

Q: What is CVE-2019-16320?

CVE-2019-16320 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community.

Q: How severe is CVE-2019-16320?

CVE-2019-16320 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-16320?

Check the references section above for vendor advisories and patch information. Affected products include: Cobham Sea Tel Coastal 18 Firmware, Cobham Sea Tel Coastal 18, Cobham Sailor 600 Vsat Ku Firmware, Cobham Sailor 600 Vsat Ku, Cobham Sailor 800 Vsat Firmware.

Vulnerability Description

Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cobham	Sea Tel Coastal 18 Firmware	>= 170_224521, <= 194_225444
Cobham	Sea Tel Coastal 18	-
Cobham	Sailor 600 Vsat Ku Firmware	>= 170_224521, <= 194_225444
Cobham	Sailor 600 Vsat Ku	-
Cobham	Sailor 800 Vsat Firmware	>= 170_224521, <= 194_225444
Cobham	Sailor 800 Vsat	-
Cobham	Sailor 900 Vsat Firmware	>= 170_224521, <= 194_225444
Cobham	Sailor 900 Vsat	-
Cobham	Sailor 900 Vsat High Power Firmware	>= 170_224521, <= 194_225444
Cobham	Sailor 900 Vsat High Power	-
Cobham	Sea Tel 4009 Vsat Broadband-At-Sea Firmware	>= 170_224521, <= 194_225444
Cobham	Sea Tel 4009 Vsat Broadband-At-Sea	-
Cobham	Sea Tel 5012 Vsat Firmware	>= 170_224521, <= 194_225444
Cobham	Sea Tel 5012 Vsat	-
Cobham	Sea Tel 6012 Vsat Ku-Band Firmware	>= 170_224521, <= 194_225444
Cobham	Sea Tel 6012 Vsat Ku-Band	-
Cobham	Sea Tel 6012 Vsat C-Band Firmware	>= 170_224521, <= 194_225444
Cobham	Sea Tel 6012 Vsat C-Band	-
Cobham	Sea Tel Usat30 Vsat Firmware	>= 170_224521, <= 194_225444
Cobham	Sea Tel Usat30 Vsat	-

Related Weaknesses (CWE)

CWE-200

References

https://misteralfa-hack.blogspot.com/2019/09/cobham-terminales-satelitales-seateThird Party Advisory
https://misteralfa-hack.blogspot.com/2019/09/cobham-terminales-satelitales-seateThird Party Advisory

FAQ

What is CVE-2019-16320?

CVE-2019-16320 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community.

How severe is CVE-2019-16320?

CVE-2019-16320 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-16320?

Check the references section above for vendor advisories and patch information. Affected products include: Cobham Sea Tel Coastal 18 Firmware, Cobham Sea Tel Coastal 18, Cobham Sailor 600 Vsat Ku Firmware, Cobham Sailor 600 Vsat Ku, Cobham Sailor 800 Vsat Firmware.