
Inmarsat responds to ‘exploit’ claim for retired AmosConnect version

Cyber security firm IOActive has released a report outlining a potential vulnerability it says it discovered in Inmarsat’s AmosConnect platform that would provide a backdoor into the shipboard system – however, Inmarsat has responded to note that the software version in question was already retired prior to IOActive’s test, and that it has also previously issued a patch to close the vulnerability.

The research, authored by IOActive's principal security consultant, Mario Ballano, says that the flaws that were discovered in AmosConnect version 8.0 include blind SQL injection in a login form, and a backdoor account that provides full system privileges and could allow remote unauthenticated attackers to execute arbitrary code on the AmosConnect server.

The report notes that, if compromised, this flaw could be leveraged to gain unauthorised network access to information stored in the AmosConnect server and potentially open access to other connected systems or networks.

IOActive says that it informed Inmarsat of these potential vulnerabilities in October 2016, and completed the disclosure process in July of 2017.

In response, an Inmarsat spokesperson noted that AmosConnect 8 (AC8) is no longer in service, and said that the satellite operator had already begun a process to retire that version of the software from its portfolio prior to IOActive’s report, having communicated to customers in 2016 that the service would be terminated in July 2017.

“When IOActive brought the potential vulnerability to our attention, early in 2017, and despite the product reaching end of life, Inmarsat issued a security patch that was applied to AC8 to greatly reduce the risk potentially posed. We also removed the ability for users to download and activate AC8 from our public website,” Inmarsat’s spokesperson said, in a statement.

“It is important to note that this vulnerability would have been very difficult to exploit as it would require direct access to the shipboard PC that ran the AC8 e-mail client. This could only be done by direct physical access to the PC, which would require an intruder to gain access to the ship and then to the computer. (Remote) access was deemed to be a remote possibility as this would have been blocked by Inmarsat’s shoreside firewalls.”

Inmarsat also says that, in addition to the fixes issued, its central server no longer accepts connections from AmosConnect 8 e-mail clients, so the software could not be connected even if a customer wanted to use it. The satellite operator notes that it has made IOActive aware of all of the above information.


Digital Ship magazine provides the latest information about maritime satellite communications technology, software systems, navigation technology, computer networks, data management and TMSA. It is published ten times a year.

 
