EXECUTIVE SUMMARY:
CVE-2024-6198 is a critical stack buffer overflow vulnerability with a CVSS score of 7.7 in Viasat satellite modems that allows unauthenticated attackers to execute arbitrary code via the SNORE web interface exposed on ports. The flaw stems from improper input validation in the binary’s use, enabling exploitation through crafted HTTP requests that overflow a fixed-size buffer and hijack execution flow using return-oriented programming. Impacting multiple modem models with outdated firmware, this vulnerability exposes environments relying on satellite communications—such as maritime, military, and energy sectors—to remote code execution, traffic interception, and malware deployment. Although patches have been issued via OTA updates, affected devices must be online to receive them, emphasizing the need for timely patch verification, network isolation, and stronger exploit mitigation strategies.
RECOMMENDATION:
We strongly recommend you Viasat to below versions:
REFERENCES:
The following reports contain further technical details:
https://cybersecuritynews.com/critical-viasat-firmware-vulnerability/