Analysis & Insights

Transport

Researchers Find Firmware Vulnerabilities In Marine Diesel Engine Controllers

16 - 23 October 2018

Researchers found four several authentication and encryption firmware vulnerabilities in marine diesel engine controllers and their Android applications by Norwegian marine supplier Auto-Maskin.
Cyber_News_Transport
Researchers found four several authentication and encryption firmware vulnerabilities in marine diesel engine controllers and their Android applications by Norwegian marine supplier Auto-Maskin. These vulnerabilities could be abused by attackers to modify firmware and configuration files, install malware, and take control of a vessel’s engines. For instance, two vulnerabilities (CVE-2018-5401 and CVE-2018-5400) affect Auto-Maskin Marine Pro field devices and Marine Pro Observer Android application. They could also be exploited to send spoofed Modbus TCP packets to any Marine Pro field device to modify supported settings, including turning off a vessel’s engines. 

References:
[1] Aircraft Analysis Tool Facing the Internet Exposes Airlines to Risks
 
 
 

More Weekly Cyber Newsanalysis and insights

Transport

Researchers Find Firmware Vulnerabilities In Marine Diesel Engine Controllers

16 - 23 October 2018

Researchers found four several authentication and encryption firmware vulnerabilities in marine diesel engine controllers and their Android applications by Norwegian marine supplier Auto-Maskin.
Cyber_News_Transport
Researchers found four several authentication and encryption firmware vulnerabilities in marine diesel engine controllers and their Android applications by Norwegian marine supplier Auto-Maskin. These vulnerabilities could be abused by attackers to modify firmware and configuration files, install malware, and take control of a vessel’s engines. For instance, two vulnerabilities (CVE-2018-5401 and CVE-2018-5400) affect Auto-Maskin Marine Pro field devices and Marine Pro Observer Android application. They could also be exploited to send spoofed Modbus TCP packets to any Marine Pro field device to modify supported settings, including turning off a vessel’s engines. 

References:
[1] Aircraft Analysis Tool Facing the Internet Exposes Airlines to Risks
 
 
 

More Weekly Cyber Newsanalysis and insights