Transport

Researchers Find Firmware Vulnerabilities In Marine Diesel Engine Controllers

16 - 23 October 2018

Researchers found four several authentication and encryption firmware vulnerabilities in marine diesel engine controllers and their Android applications by Norwegian marine supplier Auto-Maskin.
Cyber_News_Transport
Researchers found four several authentication and encryption firmware vulnerabilities in marine diesel engine controllers and their Android applications by Norwegian marine supplier Auto-Maskin. These vulnerabilities could be abused by attackers to modify firmware and configuration files, install malware, and take control of a vessel’s engines. For instance, two vulnerabilities (CVE-2018-5401 and CVE-2018-5400) affect Auto-Maskin Marine Pro field devices and Marine Pro Observer Android application. They could also be exploited to send spoofed Modbus TCP packets to any Marine Pro field device to modify supported settings, including turning off a vessel’s engines. 

References:
[1] Aircraft Analysis Tool Facing the Internet Exposes Airlines to Risks
 
 
 

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence