CVE-2019-13022
📋 TL;DR
CVE-2019-13022 allows an attacker who obtains the stored password values in Bond JetSelect to trivially reverse-engineer administrator passwords, because the product protects them with a weak XOR-based encryption scheme rather than a one-way hash. Recovering an administrator password enables privilege escalation within the application, and all versions of Bond JetSelect are affected. A compromised administrator can modify or delete all networking configurations across vessels and managed network devices.
💻 Affected Systems
- Bond JetSelect
📦 What is this software?
Jetselect by Jetstream
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete takeover of vessel network infrastructure, allowing attackers to reconfigure or disable all network devices (switches, routers), potentially disrupting critical maritime operations.
Likely Case
Unauthorized access to JetSelect administrative functions, enabling network configuration changes, data exfiltration, or persistence within the network.
If Mitigated
Limited impact if strong network segmentation, monitoring, and access controls prevent exploitation or contain damage.
🎯 Exploit Status
Exploitation requires read access to the encrypted password storage (the JetSelect database, or a backup or export of it), but reversing the XOR scheme is trivial once the stored values are obtained. Because XOR decryption is the same operation as encryption, an attacker who knows any one password (for example that of their own low-privilege account) can XOR it with its stored value to recover the key material and then decrypt the other entries, including the administrator's.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: None
Vendor Advisory: Not publicly available
Restart Required: No
Instructions:
No official patch exists. Consider upgrading to a different product or implementing compensating controls.
🔧 Temporary Workarounds
Change Administrator Passwords
Manually reset all JetSelect administrator passwords to strong, unique credentials. This only invalidates passwords an attacker may already have recovered: the new passwords go into the same reversible XOR storage, so the reset must be paired with restricting access to that storage.
Restrict Database Access
Limit access to the JetSelect database containing the XOR-encrypted passwords to the administrative users and service accounts that need it, and apply the same restriction to backups and exports of that database, since a copy of the stored values is all an attacker needs.
🧯 If You Can't Patch
- Isolate JetSelect systems from critical network segments using firewalls or VLANs.
- Implement multi-factor authentication for JetSelect administrative access if supported.
🔍 How to Verify
Check if Vulnerable:
Check whether ENCtool.jar is present in the JetSelect installation and inspect how administrator passwords are stored. A reversible XOR scheme reveals itself without knowledge of the key: the stored value is the same length as the password, the same password always produces the same stored value, and changing one character of the password changes only the corresponding position of the stored value. A properly salted hash has none of these properties.
Check Version:
Check JetSelect version via application interface or documentation; all versions are affected.
Verify Fix Applied:
Verify that administrator passwords set after remediation are no longer stored with the reversible XOR method but with a salted, slow password hash (for example PBKDF2, bcrypt, scrypt or Argon2): setting the same password twice must yield two different stored values of fixed length unrelated to the password's length.
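The following is an added example, not code from Bond, JetSelect or ENCtool.jar. It models the weakness described in the Exploit Status section with a toy repeating-key XOR scheme (the key, the sample database rows and the storage layout are assumptions), shows the known-plaintext recovery of another account's password, and implements the black-box reversibility check from the verification steps above beside a hardened salted-hash replacement.

```python
"""Added example, not code from Bond/JetSelect or ENCtool.jar.  A toy
repeating-key XOR scheme stands in for the weak algorithm the advisory
describes; the key, passwords and storage layout below are assumptions."""
import hashlib
import hmac
import os
from itertools import cycle
from typing import Callable, Optional

TOY_KEY = b"demo-static-key!"          # hypothetical 16-byte static key
PBKDF2_ITERATIONS = 600_000            # work factor of the hardened replacement
SALT_LEN = 16


def xor_encrypt(plaintext: bytes, key: bytes = TOY_KEY) -> bytes:
    """Repeating-key XOR: output is the length of the input, and decryption
    is the identical operation.  This is what makes it reversible."""
    return bytes(p ^ k for p, k in zip(plaintext, cycle(key)))


def recover_keystream(known_password: bytes, stored_value: bytes) -> bytes:
    """Known-plaintext attack: XOR one password you know (e.g. your own
    account's) with its stored value to get that many bytes of keystream."""
    return bytes(s ^ p for s, p in zip(stored_value, known_password))


def find_period(keystream: bytes) -> int:
    """Smallest repeat length of the keystream.  A static key shorter than
    the known password shows up here and can then be cycled over any value."""
    for p in range(1, len(keystream)):
        if keystream[p:] == keystream[:-p]:
            return p
    return len(keystream)


def decrypt_other(stored_value: bytes, keystream: bytes) -> bytes:
    """Decrypt another account's stored value with the recovered periodic key."""
    period = find_period(keystream)
    return xor_encrypt(stored_value, keystream[:period])


def hash_password(password: bytes, salt: Optional[bytes] = None) -> bytes:
    """Hardened storage: salted, slow and one-way.  Stored value = salt || digest."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_ITERATIONS)
    return salt + digest


def verify_password(password: bytes, stored_value: bytes) -> bool:
    """Constant-time comparison against the salted digest."""
    salt, digest = stored_value[:SALT_LEN], stored_value[SALT_LEN:]
    candidate = hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def looks_reversible(store: Callable[[bytes], bytes]) -> bool:
    """Black-box check for the 'Verify Fix Applied' step: set two passwords
    through the product and compare what lands in the database.  A reversible
    scheme gives output the length of the input, the same output for the same
    input, and a one-character change alters one position only.  A salted
    hash fails all three tests."""
    a = store(b"Correct-Horse-1")
    b = store(b"Correct-Horse-1")
    c = store(b"Correct-Horse-2")
    same_length = len(a) == len(b"Correct-Horse-1")
    deterministic = a == b
    localised = len(a) == len(c) and sum(x != y for x, y in zip(a, c)) == 1
    return same_length and deterministic and localised


# Constructed sample database rows (username -> stored value), not real data.
KNOWN_PASSWORD = b"operator-Passw0rd!!!"          # 20 bytes, longer than the key
SAMPLE_ROWS = {
    "operator": xor_encrypt(KNOWN_PASSWORD),
    "admin": xor_encrypt(b"Sup3r-Secret-Admin-Pw"),
}


def recover_admin_password(rows=SAMPLE_ROWS) -> bytes:
    """End to end: own password + own stored value -> keystream -> admin password."""
    keystream = recover_keystream(KNOWN_PASSWORD, rows["operator"])
    return decrypt_other(rows["admin"], keystream)


if __name__ == "__main__":
    print("recovered admin password:", recover_admin_password())
    print("XOR store reversible?", looks_reversible(xor_encrypt))
    print("PBKDF2 store reversible?", looks_reversible(hash_password))
```

`looks_reversible` is the part to reuse against a real installation: set the three test passwords through the application, read the stored values back, and apply the same three comparisons. The attack half only needs the known password to be at least as long as the key; with a shorter one the attacker still recovers the prefix of every other password.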
📡 Detection & Monitoring
Log Indicators:
- Unusual administrative login attempts or configuration changes in JetSelect logs.
- Access to database tables containing encrypted passwords from unauthorized sources.
Network Indicators:
- Unexpected network configuration changes or device reconfigurations originating from JetSelect systems.
SIEM Query:
Search for JetSelect admin login events followed by rapid configuration changes across multiple network devices.
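The correlation described in the SIEM query, written out as an added example rather than a vendor-provided rule. JetSelect's real log format is not documented on this page, so the timestamped `ADMIN_LOGIN` / `CONFIG_CHANGE` lines, the field names, the user and device names, and the five-minute window and three-device threshold are all constructed assumptions to be replaced with the fields your collector actually produces.

```python
"""Added example, not a JetSelect feature: a correlation rule that flags an
administrative login followed by configuration changes across several network
devices within a short window.  Log layout and thresholds are assumptions."""
from datetime import datetime, timedelta
from typing import Dict, List

# Constructed sample log lines in an assumed "timestamp EVENT key=value ..." layout.
SAMPLE_LOG = """\
2019-07-01T10:00:02Z ADMIN_LOGIN user=admin src=10.20.0.5
2019-07-01T10:00:20Z CONFIG_CHANGE user=admin device=sw-bridge-01 change=vlan
2019-07-01T10:00:31Z CONFIG_CHANGE user=admin device=sw-engine-01 change=acl
2019-07-01T10:00:40Z CONFIG_CHANGE user=admin device=rtr-sat-01 change=route
2019-07-01T10:00:55Z CONFIG_CHANGE user=admin device=sw-deck-02 change=vlan
2019-07-01T11:30:00Z ADMIN_LOGIN user=netops src=10.20.0.9
2019-07-01T11:45:10Z CONFIG_CHANGE user=netops device=sw-bridge-01 change=port
"""

WINDOW = timedelta(minutes=5)   # assumed: how soon after login counts as "rapid"
MIN_DEVICES = 3                 # assumed: how many distinct devices counts as "multiple"


def parse_line(line: str) -> Dict[str, object]:
    """Split one line into timestamp, event name and key=value fields."""
    ts_str, event, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return {"ts": datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ"), "event": event, **kv}


def find_rapid_reconfig(log_text: str, window: timedelta = WINDOW,
                        min_devices: int = MIN_DEVICES) -> List[Dict[str, object]]:
    """For every admin login, collect the distinct devices the same user
    reconfigured within the window; alert when the count reaches the threshold."""
    events = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    events.sort(key=lambda e: e["ts"])
    alerts = []
    for i, login in enumerate(events):
        if login["event"] != "ADMIN_LOGIN":
            continue
        user = login["user"]
        devices = set()
        for e in events[i + 1:]:
            if e["ts"] - login["ts"] > window:
                break                      # events are sorted, so stop at the window edge
            if e["event"] == "CONFIG_CHANGE" and e["user"] == user:
                devices.add(e["device"])
        if len(devices) >= min_devices:
            alerts.append({
                "user": user,
                "login": login["ts"],
                "src": login.get("src"),
                "devices": sorted(devices),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_rapid_reconfig(SAMPLE_LOG):
        print(f"{alert['login']:%Y-%m-%d %H:%M:%S} {alert['user']} from {alert['src']} "
              f"reconfigured {len(alert['devices'])} devices: {', '.join(alert['devices'])}")
```

On the constructed sample the `admin` session trips the rule (four devices inside five minutes) while `netops`, whose single change comes fifteen minutes after login, does not. Tune the window and device count against a baseline of legitimate maintenance sessions before enabling alerts, and pair this rule with a second one on the `src` field, since an attacker using a recovered administrator password will typically log in from an address the real administrator never uses.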