Major Nautel transmitter vulnerability

Hi all,

This is just a quick little cross-post; some members on the Pubtech mailing list in the USA have pointed out that Nautel transmitter hardware is vulnerable both to having a common password across all devices for ‘root’ on the ARM controller for the transmitter, and a vulnerable version of sshd, both of which expose their units to significant risk of compromise via the ethernet control port.

I’ve not got a Nautel to hand to see what I can do but this is a management computer that handles communications and display of their transmitter control panel, so the suggestion that practically any features could be controlled by an attacker (adjusting transmission power, switching audio inputs from wired to IP delivered audio to hijack transmissions, etc) aren’t exactly far-fetched and could be relatively straightforward.

Long story short, if you’re running a Nautel, it should really be behind a firewall that does not permit any remote access. If you need access remotely, use a VPN to gain access to the transmitter via a router/firewall. There have been some cases of transmitters on the public internet being compromised. I know Nautels aren’t as widely used in the UK as they are in the USA, but this is a significant issue and I’ve not seen anything from Nautel within a few days of this coming to light so figured it’d be worth letting engineers who browse this forum know, since similar features are cropping up on non-Nautel gear too and the same issues might come up. Keep your XMTRs secure!