Recent Posts
Archives

AI BEA CTO Cybersecurity DefCon32 Devoxx DevoxxBE2023 DevoxxBE2024 DevoxxFR DevoxxGR2025 DevoxxGreece2025 DevoxxPL2022 DevoxxPoland DevoxxUK2024 DevoxxUS2017 Docker Eclipse EJB GWT Hibernate IntelliJ IDEA Java Jetty JMS Jonathan Lalou JSF Kotlin Kubernetes Maven Maven 2 Microservices Mule Mule ESB Oracle OxidizeConf2024 Python recommendation RustLang Security Spring SQL Tomcat tutorial Weblogic Weblogic 10

PostHeaderIcon [DefCon32] Breaking the Beam: Exploiting VSAT Modems from Earth

Author: Jonathan Lalou | May 4, 2025

Johannes Willbold, Moritz Schloegel, and Robin Bisping, researchers focused on satellite communications, expose vulnerabilities in VSAT modems, specifically the Newtec MDM2200. Their presentation details reverse-engineering efforts and novel signal injection attacks using software-defined radios (SDRs). By exploiting these systems, Johannes, Moritz, and Robin highlight the expanded attack surface of satellite communications, urging improved security for remote connectivity.

Reverse-Engineering VSAT Modems

Johannes outlines their approach to dissecting the MDM2200’s software stack, uncovering zero-day vulnerabilities. By analyzing firmware, they identified flaws that could allow remote code execution. This meticulous reverse-engineering, part of a broader project published at ACM WiSec 2024, reveals systemic weaknesses in VSAT systems critical for maritime and crisis communications.

Signal Injection Attacks

Moritz details their groundbreaking SDR-based attacks, injecting signals through the modem’s antenna to deliver bogus firmware updates or gain root shell access. Unlike previous VSAT attacks, such as the 2022 ViaSat hack, their method operates entirely from Earth, bypassing traditional network-based exploits. This approach significantly broadens the potential for remote exploitation.

Implications for Satellite Security

Robin discusses the real-world impact, noting that outdated Linux kernels (e.g., version 2.6.3) and latency-sensitive protocols like IPsec exacerbate vulnerabilities. Their end-to-end attack demonstrates the feasibility of compromising satellite modems, potentially disrupting critical communications. The researchers stress the urgency of updating VSAT security practices to protect remote regions.

Call for Robust Defenses

Concluding, Johannes advocates for modernized protocols, such as TLS over IPsec, and regular firmware updates to secure VSAT systems. Their work, soon to be published, invites further research to address these vulnerabilities. By demonstrating practical attacks, Johannes, Moritz, and Robin urge stakeholders to prioritize satellite communication security to safeguard global connectivity.

Links:

  • None
Posted in en-US | Tags: , , , , , ,

Leave a Reply

(c) 2008 Jonathan Lalou's Blog
All Rights Reserved.

Powered by WordPress and WordPress Theme | Host-euro.