The consulting company IOActive publish a series of vulnerabilities found in AmosConnect 8 platform from Inmarsat. The software is used for monitor GPS and Technology systems on board, as well as providing messaging, email and web browsing services.
One of the bugs was found in the login form, allowing the attacker to easily obtain the username and password from the product database. The other flaw allows the attacker to gain privileged access remotely. The latter could allow execute commands that can compromise personal and operational data, but could put in danger the navigation and general IT system.
The systems are evolving and this example show how important is for maritime companies to start updating their systems and taking of the security.
