Show plain JSON{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Model 1094B GPS Substation Clock", "vendor": "Arbiter Systems", "versions": [{"status": "affected", "version": "all versions"}]}], "datePublic": "2015-01-13T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Arbiter 1094B GPS Substation Clock allows remote attackers to cause a denial of service (disruption) via crafted radio transmissions that spoof GPS satellite broadcasts.</p>"}], "value": "Arbiter 1094B GPS Substation Clock allows remote attackers to cause a denial of service (disruption) via crafted radio transmissions that spoof GPS satellite broadcasts."}], "metrics": [{"cvssV2_0": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 5.4, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-345", "description": "CWE-345", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-07-29T16:56:53.800Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-345-01"}, {"url": "http://www.arbiter.com/contact/index.php"}], "source": {"advisory": "ICSA-14-345-01", "discovery": "UNKNOWN"}, "title": "Arbiter Systems 1094B GPS Clock Insufficient Verification of Data Authenticity", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Arbiter Systems would like to stress that they have not heard of this\n vulnerability being exploited in an actual control system. They have \ncreated a new product line, the 1200 series, which is not vulnerable to \nthis type of attack.</p>\n<p>Arbiter Systems plans to continue to sell the 1094B model clock, \nbecause it is difficult to spoof the GPS signal and not likely to \nhappen. In the unlikely event that the 1094B has been compromised, it \ncan be recovered by removing and replacing the internal receiver \nbattery. Arbiter Systems plans to investigate the feasibility of \nchanging this model to protect against this type of exploit.</p>\n<p>Please contact Arbiter Systems Technical Support for additional questions:</p><p>Phone: 1-800-321-3831 or 1-805-237-3831<br>Email: <a target=\"_blank\" rel=\"nofollow\">techsupport@arbiter.com</a></p><p>Web: <a target=\"_blank\" rel=\"nofollow\" href=\"http://www.arbiter.com/contact/index.php\">http://www.arbiter.com/contact/index.php</a>\n\n<br></p>"}], "value": "Arbiter Systems would like to stress that they have not heard of this\n vulnerability being exploited in an actual control system. They have \ncreated a new product line, the 1200 series, which is not vulnerable to \nthis type of attack.\n\n\nArbiter Systems plans to continue to sell the 1094B model clock, \nbecause it is difficult to spoof the GPS signal and not likely to \nhappen. In the unlikely event that the 1094B has been compromised, it \ncan be recovered by removing and replacing the internal receiver \nbattery. Arbiter Systems plans to investigate the feasibility of \nchanging this model to protect against this type of exploit.\n\n\nPlease contact Arbiter Systems Technical Support for additional questions:\n\nPhone: 1-800-321-3831 or 1-805-237-3831\nEmail: http://www.arbiter.com/contact/index.php"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2014-9194", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Arbiter 1094B GPS Substation Clock allows remote attackers to cause a denial of service (disruption) via crafted radio transmissions that spoof GPS satellite broadcasts."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-345-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-345-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:40:23.230Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-345-01"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2014-9194", "datePublished": "2015-01-17T02:00:00", "dateReserved": "2014-12-02T00:00:00", "dateUpdated": "2025-07-29T16:56:53.800Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"} 
ReportizFlow
MITRE
Vulnrichment
NVD
Redhat