Trusted Design

• 重大度: Unknown
• 公開日: 2018-07-13
• 更新日: 2024-08-06

概要

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service.

このCVEに関連するMITRE ATT&CKテクニック

• T1557 - Adversary-in-the-Middle
• T1588.007 - Artificial Intelligence
• T1003.002 - Security Account Manager
• T1588.004 - Digital Certificates
• T1583.002 - DNS Server
• T1192 - Spearphishing Link
• T1652 - Device Driver Discovery
• T1591.003 - Identify Business Tempo
• T1484.002 - Trust Modification
• T1598.003 - Spearphishing Link
• T1583.005 - Botnet
• T1040 - Network Sniffing
• T1071 - Application Layer Protocol
• T1608.001 - Upload Malware
• T1190 - Exploit Public-Facing Application
• T1050 - New Service
• T1518.002 - Backup Software Discovery
• T1218.003 - CMSTP
• T1525 - Implant Internal Image
• T1547.005 - Security Support Provider
• T1181 - Extra Window Memory Injection
• T1155 - AppleScript
• T1585.002 - Email Accounts
• T1598.004 - Spearphishing Voice
• T1177 - LSASS Driver
• T1055.013 - Process Doppelgänging
• T1546.008 - Accessibility Features
• T1550.003 - Pass the Ticket
• T1649 - Steal or Forge Authentication Certificates
• T1051 - Shared Webroot
• T1586 - Compromise Accounts
• T1218.005 - Mshta
• T1608 - Stage Capabilities
• T1608.005 - Link Target
• T1598.002 - Spearphishing Attachment
• T1606 - Forge Web Credentials
• T1534 - Internal Spearphishing
• T1219.003 - Remote Access Hardware
• T1562.001 - Disable or Modify Tools
• T1584.006 - Web Services
• T1068 - Exploitation for Privilege Escalation
• T1486 - Data Encrypted for Impact
• T1567.003 - Exfiltration to Text Storage Sites
• T1595.003 - Wordlist Scanning
• T1553.004 - Install Root Certificate
• T1499 - Endpoint Denial of Service
• T1591.004 - Identify Roles
• T1543.001 - Launch Agent
• T1223 - Compiled HTML File
• T1498 - Network Denial of Service
• T1159 - Launch Agent
• T1564.005 - Hidden File System
• T1055.008 - Ptrace System Calls
• T1653 - Power Settings
• T1137.002 - Office Test
• T1204.001 - Malicious Link
• T1035 - Service Execution
• T1127 - Trusted Developer Utilities Proxy Execution

このCVEが関連しているPulses

• Vulnerability Note VU#614751 - Hughes satellite modems contain multiple vulnerabilities

CVEの関係性グラフ

---

← CVE一覧に戻る