What is the severity of CVE-2013-2819?

CVE-2013-2819 is considered to have a high severity rating due to the potential for unauthorized firmware installation.

How do I fix CVE-2013-2819?

To fix CVE-2013-2819, update your Sierra Wireless AirLink Raven X EV-DO gateway to the latest firmware version that addresses this vulnerability.

What types of attacks are possible with CVE-2013-2819?

CVE-2013-2819 allows remote attackers to leverage cleartext credentials to install malicious firmware on affected devices.

Which firmware versions are affected by CVE-2013-2819?

CVE-2013-2819 affects the Sierra Wireless AirLink Raven X EV-DO gateway firmware versions 4221_4.0.11.003 and 4228_4.0.11.003.

Who is impacted by CVE-2013-2819?

Users of the Sierra Wireless AirLink Raven X EV-DO gateways that have not updated their firmware are at risk due to CVE-2013-2819.

Vulnerability/
CVE-2013-2819

critical

9.3

CWE

255

15/1/2014

16/1/2014

CVE-2013-2819

First published: Wed Jan 15 2014(Updated: )

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Sierra Wireless Raven X EV-DO Firmware	=4221_4.0.11.003
Sierra Wireless Raven X EV-DO Firmware	=4228_4.0.11.003
Sierra Wireless AirLink MP AT&T
Sierra Wireless Airlink MP AT&T
Sierra Wireless AirLink MP Bell
Sierra Wireless AirLink MP
Sierra Wireless Airlink MP Row
Sierra Wireless AirLink MP Series
Sierra Wireless AirLink MP Sprint
Sierra Wireless AirLink MP Sprint
Sierra Wireless AirLink MP Telus
Sierra Wireless AirLink MP
Sierra Wireless Airlink MP Verizon Wifi
Sierra Wireless Airlink MP Verizon Wifi
Sierra Wireless Pinpoint X
Sierra Wireless Pinpoint Xt
Sierra Wireless Raven X
Sierra Wireless Raven X EV-DO
Sierra Wireless Airlink Raven Xe Firmware
Sierra Wireless Airlink Raven Xt

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-2819?
CVE-2013-2819 is considered to have a high severity rating due to the potential for unauthorized firmware installation.
How do I fix CVE-2013-2819?
To fix CVE-2013-2819, update your Sierra Wireless AirLink Raven X EV-DO gateway to the latest firmware version that addresses this vulnerability.
What types of attacks are possible with CVE-2013-2819?
CVE-2013-2819 allows remote attackers to leverage cleartext credentials to install malicious firmware on affected devices.
Which firmware versions are affected by CVE-2013-2819?
CVE-2013-2819 affects the Sierra Wireless AirLink Raven X EV-DO gateway firmware versions 4221_4.0.11.003 and 4228_4.0.11.003.
Who is impacted by CVE-2013-2819?
Users of the Sierra Wireless AirLink Raven X EV-DO gateways that have not updated their firmware are at risk due to CVE-2013-2819.

agent/weakness
agent/references
agent/severity
agent/type
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
agent/author
collector/nvd-index
agent/software-canonical-lookup-request
agent/event
agent/description
vendor/sierrawireless
canonical/sierra wireless raven x ev-do firmware
version/sierra wireless raven x ev-do firmware/4221_4.0.11.003
version/sierra wireless raven x ev-do firmware/4228_4.0.11.003
canonical/sierra wireless airlink mp at&t
canonical/sierra wireless airlink mp bell
canonical/sierra wireless airlink mp
canonical/sierra wireless airlink mp row
canonical/sierra wireless airlink mp series
canonical/sierra wireless airlink mp sprint
canonical/sierra wireless airlink mp telus
canonical/sierra wireless airlink mp verizon wifi
canonical/sierra wireless pinpoint x
canonical/sierra wireless pinpoint xt
canonical/sierra wireless raven x
canonical/sierra wireless raven x ev-do
canonical/sierra wireless airlink raven xe firmware
canonical/sierra wireless airlink raven xt