PatchSiren

CVE-2024-39375 marKoni CVE debrief

A critical authentication bypass vulnerability in TELSAT marKoni FM Transmitters allows remote attackers to gain administrator privileges without credentials. The flaw affects Markoni-D (Compact) and Markoni-DH (Exciter+Amplifiers) FM Transmitters running versions prior to 2.0.1. CISA published this advisory on June 27, 2024, with a CVSS 3.1 score of 9.8 (Critical). The vendor has released firmware version 2.0.1 to address the vulnerability. Organizations operating these broadcast transmission systems should prioritize patching due to the network-attack vector and complete compromise impact (confidentiality, integrity, and availability).

Vendor: marKoni
Product: Unknown
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-06-27
Original CVE updated: 2024-06-27
Advisory published: 2024-06-27
Advisory updated: 2024-06-27

Who should care

Broadcast media organizations, radio station operators, telecommunications providers, and critical infrastructure entities operating FM transmission equipment. Security teams managing industrial control systems in media and communications sectors should prioritize this patch due to the critical severity and remote exploitability.

Technical summary

The vulnerability exists in the authentication mechanism of TELSAT marKoni FM Transmitter management interfaces. An unauthenticated remote attacker can bypass authentication controls and obtain administrative privileges on the device. This grants full control over transmitter configuration and operation, with impacts spanning confidentiality, integrity, and availability of broadcast services. The attack requires no user interaction and can be executed over the network. Firmware version 2.0.1 remediates the authentication bypass flaw.

Defensive priority

Critical

Recommended defensive actions

  • Upgrade marKoni Markoni-D (Compact) and Markoni-DH (Exciter+Amplifiers) FM Transmitters to firmware version 2.0.1 or later.
  • Contact marKoni directly for patch availability and installation guidance if the device is not already on a supported version.
  • Restrict network access to FM transmitter management interfaces to authorized administrative hosts only.
  • Monitor for unauthorized configuration changes or unexpected administrative sessions on affected devices.
  • Apply defense-in-depth controls per CISA ICS recommended practices for industrial control systems.

Evidence notes

CISA CSAF advisory ICSA-24-179-01 confirms an authentication bypass that leads to acquisition of admin privileges. The affected products are explicitly listed as marKoni Markoni-D (Compact) FM Transmitters and Markoni-DH (Exciter+Amplifiers) FM Transmitters, with 2.0.1 as the fixed version. The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H supports the critical severity rating.
