Interlogix Hills ComNav

Monitor6.2ICS-CERT ICSA-22-109-01Apr 19, 2022

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Hills ComNav devices contain weak authentication mechanisms (CWE-307, CWE-326) that could allow an attacker with local network access to log in and modify system settings. The vulnerability is not remotely exploitable. ComNav firmware versions prior to 3002-19 are affected. Carrier recommends upgrading to Version 4000-12 or later, which is the latest supported version.

What this means

What could happen

An attacker with physical or local network access to a Hills ComNav device could log in without proper authentication controls and modify system settings, potentially affecting navigation or control functions.

Who's at risk

Marine and navigation system operators using Hills ComNav devices, particularly in maritime and vessel automation environments. Affects ComNav firmware versions prior to 3002-19, with fixes available only for Carrier-supported versions (4000-12 or later).

How it could be exploited

An attacker with local network or physical access to the ComNav device could exploit weak authentication mechanisms (CWE-307: Improper Restriction of Rendered UI Layers or Frames, CWE-326: Inadequate Encryption Strength) to log in without proper credentials and modify critical system parameters.

Prerequisites

Local network access to the ComNav device (not remotely exploitable)
Physical proximity or access to the device's local network segment
No valid credentials required due to weak authentication implementation

No authentication required to exploitLow complexity exploitationWeak encryption/authentication mechanismsLocal/physical access required limits immediate risk

Exploitability

Low exploit probability (EPSS 0.0%)

Affected products (1)

ProductAffected VersionsFix Status

Hills ComNav:< 3002-194000-12 or later

Remediation & Mitigation

0/3

Do now

0/1

HARDENINGMinimize network exposure for ComNav devices; ensure they are not accessible from the Internet or untrusted networks

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade Hills ComNav firmware to Version 4000-12 or later (latest supported version)

Long-term hardening

0/1

HARDENINGIsolate ComNav devices from the business network and place behind firewalls to restrict local network access

CVEs (2)

CVE-2022-26519 CVE-2022-1318

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/00d019fc-b036-4454-b873-95cd8e115ce2