Neil Smith

**Nome do Software Vulnerável e Versões Afetadas** Dispositivos de Fim de Trem (EoT) e de Cabeça de Trem (HoT) (versões afetadas não especificadas) **Descrição** Existe uma vulnerabilidade crítica no protocolo de enlace remoto utilizado por dispositivos de Fim de Trem (EoT) e de Cabeça de Trem (HoT), que dependem de um checksum BCH para a criação de pacotes. Isso permite que atacantes criem pacotes maliciosos usando um rádio definido por software e emitam comandos de controle de freio para o dispositivo EoT. A exploração bem-sucedida poderia interromper as operações, potencialmente sobrecarregando os sistemas de freio, ou até mesmo causar descarrilamentos de trem. A vulnerabilidade é conhecida há aproximadamente 20 anos, com pesquisadores identificando a autenticação fraca já em 2012. Um ataque semelhante foi relatado na Polônia em agosto de 2023, onde o movimento do trem foi paralisado usando uma versão adaptada do exploit. A vulnerabilidade permite o controle remoto dos freios do trem a uma distância de várias milhas usando equipamentos relativamente inexpensivos (aproximadamente US$ 500). **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Sixnet BT-5xxx versions prior to 3.8.21 Sixnet BT-6xxx versions prior to 3.8.21 Sixnet BT-5xxx and BT-6xxx version 3.9.x prior to 3.9.8 **Description** The issue allows remote attackers to obtain access due to hardcoded credentials in the devices. **Recommendations** For Sixnet BT-5xxx and BT-6xxx versions prior to 3.8.21, update to version 3.8.21 or later. For Sixnet BT-5xxx and BT-6xxx version 3.9.x prior to 3.9.8, update to version 3.9.8 or later.

**Name of the Vulnerable Software and Affected Versions** Westermo WeOS versions prior to 4.19.0 **Description** The issue allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key, as the same SSL private key is used across different customers' installations. **Recommendations** For versions prior to 4.19.0, update to version 4.19.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Advantech EKI-122x-BE devices versions prior to 1.65 Advantech EKI-132x devices versions prior to 1.98 Advantech EKI-136x devices versions prior to 1.27 **Description** The issue is related to hardcoded SSH keys in the affected devices, making it easier for remote attackers to obtain access via an SSH session. This allows a remote attacker to gain access to the device by establishing an SSH connection. **Recommendations** For Advantech EKI-122x-BE devices versions prior to 1.65, update the firmware to version 1.65 or later. For Advantech EKI-132x devices versions prior to 1.98, update the firmware to version 1.98 or later. For Advantech EKI-136x devices versions prior to 1.27, update the firmware to version 1.27 or later.

**Name of the Vulnerable Software and Affected Versions** N-Tron 702-W Industrial Wireless Access Point devices (affected versions not specified) **Description** The issue concerns the use of identical SSH and HTTPS private keys across different installations of the devices, which can be exploited by remote attackers to defeat cryptographic protection mechanisms if they have knowledge of a key. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Samsung printer firmware versions prior to 20121031 **Description** The issue allows remote attackers to gain administrative access via an SNMP request due to a hardcoded read-write SNMP community. **Recommendations** For versions prior to 20121031, update the firmware to a version released after 20121031 to resolve the issue.