PatchSiren cyber security CVE debrief
CVE-2024-39374 marKoni CVE debrief
TELSAT marKoni FM Transmitters contain a critical vulnerability (CVSS 9.8) in which a hidden administrative account is protected by hard-coded credentials, allowing unauthenticated remote attackers to gain full administrative control. The vulnerability affects Markoni-D (Compact) and Markoni-DH (Exciter+Amplifiers) FM Transmitters prior to version 2.0.1. Because these devices are network-accessible broadcast infrastructure components, exploitation could enable attackers to disrupt radio transmission operations, reconfigure transmitter settings, or pivot into connected broadcast networks. The issue was disclosed by CISA on June 27, 2024, with a patched firmware version available from the vendor.
- Vendor: marKoni
- Product: Unknown
- CVSS: CRITICAL 9.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-06-27
- Original CVE updated: 2024-06-27
- Advisory published: 2024-06-27
- Advisory updated: 2024-06-27
Who should care
Broadcast station engineers, critical infrastructure security teams, media organizations operating FM transmission equipment, and OT security practitioners responsible for radio broadcast networks
Technical summary
The vulnerability exists due to hard-coded credentials protecting a hidden administrative account in marKoni FM Transmitter firmware. Attackers with network access to the device can authenticate using these static credentials without prior knowledge of legitimate accounts, obtaining complete administrative control over transmitter configuration and operations. The attack requires no user interaction and can be executed remotely. Affected products include Markoni-D (Compact) FM Transmitters and Markoni-DH (Exciter+Amplifiers) FM Transmitters running firmware versions prior to 2.0.1.
Defensive priority
critical
Recommended defensive actions
- Upgrade affected marKoni Markoni-D and Markoni-DH FM Transmitters to firmware version 2.0.1 or later
- Restrict network access to transmitter management interfaces using firewall rules or network segmentation
- Audit device configurations for unauthorized administrative access or configuration changes
- Monitor network traffic for unexpected connections to transmitter management ports
- Contact marKoni technical support if additional hardening guidance is required
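One way to act on the upgrade, access-restriction and monitoring items above, as an added example that is not part of the advisory or vendor material: a Python triage that flags Markoni-D and Markoni-DH inventory entries below firmware 2.0.1 and lists connections to those devices from outside a management subnet. The inventory columns, host names, addresses, flow records and the 10.20.9.0/24 management subnet are constructed assumptions.

```python
import csv
import io
import ipaddress
import re

FIXED = (2, 0, 1)  # fixed firmware release named in the advisory
AFFECTED_MODELS = {"markoni-d", "markoni-dh"}
MGMT_NET = ipaddress.ip_network("10.20.9.0/24")  # assumed management subnet
# Constructed sample data; column names, hosts and addresses are assumptions.
INVENTORY_CSV = """host,ip,model,firmware
tx-north,10.20.0.11,Markoni-D,1.9.5
tx-south,10.20.0.12,Markoni-DH,v2.0.1
tx-east,10.20.0.13,Markoni-DH,2.0.0
tx-spare,10.20.0.14,Markoni-D,
stl-link,10.20.0.30,OtherVendor-X,1.0.0
"""
FLOWS = [("10.20.9.5", "10.20.0.11"), ("192.0.2.77", "10.20.0.13"),
         ("192.0.2.77", "10.20.0.12"), ("198.51.100.4", "10.20.0.14")]  # (src, dst)


def parse_version(text):
    """Return an (int, int, int) tuple, or None if missing or unparseable."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)(?:\.(\d+))?", text.strip(), re.IGNORECASE)
    return tuple(int(g or 0) for g in m.groups()) if m else None


def triage(inventory_csv):
    """Map ip -> (host, status) for the affected transmitter models only."""
    result = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["model"].strip().lower() not in AFFECTED_MODELS:
            continue
        ver = parse_version(row["firmware"] or "")
        # A missing or unparseable version is treated as unpatched until verified.
        status = ("unknown-version" if ver is None
                  else "vulnerable" if ver < FIXED else "patched")
        result[row["ip"]] = (row["host"], status)
    return result


def unexpected_flows(devices, flows, mgmt_net=MGMT_NET):
    """Flows to inventoried transmitters from outside the management subnet."""
    return [(src, devices[dst][0], devices[dst][1]) for src, dst in flows
            if dst in devices and ipaddress.ip_address(src) not in mgmt_net]


if __name__ == "__main__":
    devices = triage(INVENTORY_CSV)
    print(devices, unexpected_flows(devices, FLOWS), sep="\n")
```

Connections to already patched transmitters are still reported, with their status, because the access restriction applies regardless of firmware level.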
Evidence notes
CISA ICS advisory ICSA-24-179-01 confirms hard-coded credentials in a hidden admin account affecting marKoni FM Transmitters. CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H supports critical severity. Remediation guidance specifies firmware version 2.0.1 as the fixed release.
Official resources
- CVE-2024-39374 CVE record (CVE.org)
- CVE-2024-39374 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2024-06-27