CVE-2013-2819

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
sierrawirelessraven_x_ev-do_firmware
4221_4.0.11.003:_4.0
sierrawirelessraven_x_ev-do_firmware
4228_4.0.11.003:_4.0
sierrawirelessairlink_mp_at\&t
-
sierrawirelessairlink_mp_at\&t_wifi
-
sierrawirelessairlink_mp_bell
-
sierrawirelessairlink_mp_bell_wifi
-
sierrawirelessairlink_mp_row
-
sierrawirelessairlink_mp_row_wifi
-
sierrawirelessairlink_mp_sprint
-
sierrawirelessairlink_mp_sprint_wifi
-
sierrawirelessairlink_mp_telus
-
sierrawirelessairlink_mp_telus_wifi
-
sierrawirelessairlink_mp_verizon
-
sierrawirelessairlink_mp_verizon_wifi
-
sierrawirelesspinpoint_x
-
sierrawirelesspinpoint_xt
-
sierrawirelessraven_x
-
sierrawirelessraven_x_ev-do
-
sierrawirelessraven_xe
-
sierrawirelessraven_xt
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A
http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf
http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A
http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf