VAR-201601-0722
Vulnerability from variot - Updated: 2022-05-17 02:09
moduleserv, the firmware update function of the Voyage Data Recorder (VDR) VR-3000/VR-3000S and VR-7000 provided by Furuno Electric Co., Ltd., does not properly validate user input; a vulnerability exists that allows arbitrary commands to be executed with root privileges. The Furuno Electric Co., Ltd. product page describes the VDR as follows: "Records all crucial data to identify the cause of maritime casualty as well as contribute to the future prevention of the catastrophe of any kind." (All important data is recorded not only to identify the cause of maritime disasters but also to prevent any future disasters.) moduleserv, the firmware update function of the Voyage Data Recorder (VDR) VR-3000/VR-3000S and VR-7000, listens on 10110/TCP. moduleserv does not properly validate user input, so an attacker can execute arbitrary commands with root privileges. For more information, see the IOActive blog post "Maritime Security: Hacking into a Voyage Data Recorder (VDR)": http://blog.ioactive.com/2015/12/maritime-security-hacking-into-voyage.html An attacker with network access to the device may execute arbitrary commands with root privileges. The vulnerability stems from the program's insufficient filtering of user-submitted input. Successful exploits will result in complete compromise of the affected system.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0722",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "furuno",
"version": null
},
{
"model": "vr-3000/vr-3000s",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v1.50 from v1.54"
},
{
"model": "vr-3000/vr-3000s",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v1.61 v1.6 system"
},
{
"model": "vr-3000/vr-3000s",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v2.06 from v2.54"
},
{
"model": "vr-3000/vr-3000s",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v2.60 from v2.61"
},
{
"model": "vr-7000",
"scope": "lte",
"trust": 0.8,
"vendor": "furuno electric",
"version": "v1.02"
},
{
"model": "electric voyage data recorder vr-3000/vr-3000s/vr-7000",
"scope": null,
"trust": 0.6,
"vendor": "furuno",
"version": null
},
{
"model": "voyage data recorder vr-7000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.02"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.61"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.60"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.54"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.06"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.61"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.54"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.50"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.61"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.60"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.54"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "2.06"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.61"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.54"
},
{
"model": "voyage data recorder vr-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "furuno",
"version": "1.50"
},
{
"model": "voyage data recorder vr-7000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.04"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "2.62"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "2.56"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.62"
},
{
"model": "voyage data recorder vr-3000s",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.56"
},
{
"model": "voyage data recorder vr-3000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "2.62"
},
{
"model": "voyage data recorder vr-3000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "2.56"
},
{
"model": "voyage data recorder vr-3000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.62"
},
{
"model": "voyage data recorder vr-3000",
"scope": "ne",
"trust": 0.3,
"vendor": "furuno",
"version": "1.56"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "BID",
"id": "79817"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:misc:furuno_vr-3000%2Fvr-3000s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:furuno_vr-7000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruben Santamarta of IOActive.",
"sources": [
{
"db": "BID",
"id": "79817"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2016-001002",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00346",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2016-001002",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00346",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "moduleserv, the firmware update function of the Voyage Data Recorder (VDR) VR-3000/VR-3000S and VR-7000 provided by Furuno Electric Co., Ltd., does not properly validate user input; a vulnerability exists that allows arbitrary commands to be executed with root privileges. The Furuno Electric Co., Ltd. product page describes the VDR as follows: \"Records all crucial data to identify the cause of maritime casualty as well as contribute to the future prevention of the catastrophe of any kind.\" (All important data is recorded not only to identify the cause of maritime disasters but also to prevent any future disasters.) moduleserv, the firmware update function of the Voyage Data Recorder (VDR) VR-3000/VR-3000S and VR-7000, listens on 10110/TCP. moduleserv does not properly validate user input, so an attacker can execute arbitrary commands with root privileges. For more information, see the IOActive blog post \"Maritime Security: Hacking into a Voyage Data Recorder (VDR)\": http://blog.ioactive.com/2015/12/maritime-security-hacking-into-voyage.html An attacker with network access to the device may execute arbitrary commands with root privileges. The vulnerability stems from the program\u0027s insufficient filtering of user-submitted input. Successful exploits will result in complete compromise of the affected system.",
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
},
{
"db": "BID",
"id": "79817"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#820196",
"trust": 1.9
},
{
"db": "BID",
"id": "79817",
"trust": 1.5
},
{
"db": "JVN",
"id": "JVNVU98928449",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-00346",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "BID",
"id": "79817"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"id": "VAR-201601-0722",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00346"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00346"
}
]
},
"last_update_date": "2022-05-17T02:09:47.687000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VDR",
"trust": 0.8,
"url": "http://www.furuno.com/jp/merchant/vdr/"
},
{
"title": "Patches for arbitrary command execution vulnerabilities for multiple FurunoElectricVoyageDataRecorder products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/70281"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://blog.ioactive.com/2015/12/maritime-security-hacking-into-voyage.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/79817"
},
{
"trust": 0.8,
"url": "http://www.furuno.com/en/merchant/vdr/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98928449/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/820196\\"
},
{
"trust": 0.3,
"url": "http://www.furuno.com/en/"
},
{
"trust": 0.3,
"url": "https://www.kb.cert.org/vuls/id/820196"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "BID",
"id": "79817"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#820196"
},
{
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"db": "BID",
"id": "79817"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-04T00:00:00",
"db": "CERT/CC",
"id": "VU#820196"
},
{
"date": "2016-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"date": "2016-01-04T00:00:00",
"db": "BID",
"id": "79817"
},
{
"date": "2016-01-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-04T00:00:00",
"db": "CERT/CC",
"id": "VU#820196"
},
{
"date": "2016-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00346"
},
{
"date": "2016-01-04T00:00:00",
"db": "BID",
"id": "79817"
},
{
"date": "2016-01-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001002"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Furuno Voyage Data Recorder (VDR) moduleserv firmware update utility fails to properly sanitize user-provided input",
"sources": [
{
"db": "CERT/CC",
"id": "VU#820196"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-313"
}
],
"trust": 0.6
}
}