1. EXECUTIVE SUMMARY
- CVSS v4 7.1
- ATTENTION: Exploitable from adjacent network
- Standard: Traffic Alert and Collision Avoidance System (TCAS) II
- Equipment: Collision Avoidance Systems
- Vulnerabilities: Reliance on Untrusted Inputs in a Security Decision, External Control of System or Configuration Setting
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to manipulate safety systems and cause a denial-of-service condition.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following revisions of TCAS II are affected:
- TCAS II: Versions 7.1 and prior
3.2 Vulnerability Overview
3.2.1 Reliance on Untrusted Inputs in a Security Decision CWE-807
By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals with spoofed location data can be transmitted to aircraft targets. This can lead to the appearance of fake aircraft on displays and potentially trigger undesired Resolution Advisories (RAs).
CWE-2024-9310 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.1 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N).
A CVSS v4 score has also been calculated for CWE-2024-9310. A base score of 6.0 has been calculated; the CVSS vector string is (AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N).