CVE-2014-9194

Summary

Arbiter 1094B GPS Substation Clock allows remote attackers to cause a denial of service (disruption) via crafted radio transmissions that spoof GPS satellite broadcasts.

Affected Software

VendorProductVersion RangeStatus
Arbiter SystemsModel 1094B GPS Substation Clockall versionsaffected

Weaknesses

  • CWE-345: CWE-345

Workarounds

Arbiter Systems would like to stress that they have not heard of this vulnerability being exploited in an actual control system. They have created a new product line, the 1200 series, which is not vulnerable to this type of attack.

Arbiter Systems plans to continue to sell the 1094B model clock, because it is difficult to spoof the GPS signal and not likely to happen. In the unlikely event that the 1094B has been compromised, it can be recovered by removing and replacing the internal receiver battery. Arbiter Systems plans to investigate the feasibility of changing this model to protect against this type of exploit.

Please contact Arbiter Systems Technical Support for additional questions:

Phone: 1-800-321-3831 or 1-805-237-3831 Email: http://www.arbiter.com/contact/index.php

ADP Enrichment

CVE Program Container

Additional References

References