CVE-2024-39375
Published 2024-06-27
CVE-2024-39375: TELSAT marKoni FM Transmitters are vulnerable to an attacker bypassing authentication and gaining administrator privileges.
Priority: P261 · critical 9.8 (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS: 0.57% (42.7th percentile)
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| markoni | markoni-d_firmware | < 2.0.1 | 2.0.1 |
| markoni | markoni-d_fm_transmitters | < 2.0.1 | 2.0.1 |
| markoni | markoni-dh_firmware | < 2.0.1 | 2.0.1 |
| markoni | markoni-dh_fm_transmitters | < 2.0.1 | 2.0.1 |
Detection & IOCs (extracted from sources)
- CVE-2024-39375 is a client-side authentication bypass (CWE-603) affecting TELSAT marKoni FM Transmitters (Markoni-D and Markoni-DH), all versions prior to 2.0.1, allowing unauthenticated remote attackers to gain administrator privileges. Monitor for unauthenticated administrative access attempts against these devices.
- A public Proof of Concept (PoC) exists for this vulnerability, authored by Gjoko Krstic. Treat any exploitation attempts as high-confidence malicious activity given PoC availability.
- The vulnerability is exploitable remotely with low attack complexity and no privileges or user interaction required (CVSS v3.1: AV:N/AC:L/PR:N/UI:N). Prioritize network-level detection for exposed marKoni FM Transmitter management interfaces.
- Authentication is performed client-side (CWE-603), meaning server-side enforcement is absent. Any network-accessible management interface on unpatched devices (all versions prior to 2.0.1) should be treated as effectively unauthenticated.
- Related CVE-2024-39374 describes hard-coded credentials for a hidden admin account on the same devices, which may be chained with CVE-2024-39375 for full administrative compromise.
- Affected products are Markoni-D (Compact) FM Transmitters and Markoni-DH (Exciter+Amplifiers) FM Transmitters, all versions prior to 2.0.1. Version 2.0.1 is the patched release.
CVSS provenance
- NVD, CVSS v3.1: 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- NVD, CVSS v4.0: 9.3 CRITICAL, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
GHSA
GHSA-mxfh-pj5j-6v79 (unreviewed, 2024-06-27), CVE-2024-39375 [CRITICAL], CWE-603: TELSAT marKoni FM Transmitters are vulnerable to an attacker bypassing authentication and gaining administrator privileges.
CISA ICS
ICS Advisory [CRITICAL]: TELSAT marKoni FM Transmitter (cisa_ics, 2024-06-27, CVSS 9.3)
## TELSAT marKoni FM Transmitter
Release Date: June 27, 2024
Alert Code: ICSA-24-179-01
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
- Vendor: marKoni
- Equipment: Markoni-D (Compact) FM Transmitters, Markoni-DH (Exciter+Amplifiers) FM Transmitters
- Vulnerabilities: Command Injection, Use of Hard-coded Credentials, Use of Client-Side Authentication, Improper Access Control
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to tamper with the product to bypass authentication or perform remote code execution.
## 3. TECHNICAL DETAILS
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2024-06-27