CyberSec.Space Logo
Back to CVE Browser

CVE-2013-2820

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1100%
EPSS Percentile27.15th
PublishedJan 15, 2014
Last ModifiedApr 29, 2026

Vulnerability Description

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.

Affected Platforms (CPE)

πŸ’»
Sierrawireless

Raven X Ev Do Firmware

= 4221_4.0.11.003
πŸ’»
Sierrawireless

Raven X Ev Do Firmware

= 4228_4.0.11.003
πŸ”Œ
Sierrawireless

Airlink Mp At\&t

All versions
πŸ”Œ
Sierrawireless

Airlink Mp At\&t Wifi

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Bell

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Bell Wifi

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Row

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Row Wifi

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Sprint

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Sprint Wifi

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Telus

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Telus Wifi

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Verizon

All versions
πŸ”Œ
Sierrawireless

Airlink Mp Verizon Wifi

All versions
πŸ”Œ
Sierrawireless

Pinpoint X

All versions
πŸ”Œ
Sierrawireless

Pinpoint Xt

All versions
πŸ”Œ
Sierrawireless

Raven X

All versions
πŸ”Œ
Sierrawireless

Raven X Ev Do

All versions
πŸ”Œ
Sierrawireless

Raven Xe

All versions
πŸ”Œ
Sierrawireless

Raven Xt

All versions

References & Advisories

πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A
πŸ”— http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf
πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-14-007-01A
πŸ”— http://www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf

Related Vulnerabilities

CVE-2013-28199.3

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan ho...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...