CVE-2017-3222

Summary

Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.

Affected Software

VendorProductVersion RangeStatus
InmarsatAmosConnect8.0, 8.0.1, 8.0.2, 8.2.0, 8.2.1, 8.2.2, 8.3.0, 8.3.1, 8.4.0, 8.4.0.1affected

Weaknesses

  • CWE-798: CWE-798

ADP Enrichment

CVE Program Container

Additional References

References