PT-2015-3064 · Advantech · Eki-132X+2
Neil Smith
·
Publicado
2015-11-07
·
Atualizado
2015-11-09
·
CVE-2015-6476
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Advantech EKI-122x-BE devices versions prior to 1.65
Advantech EKI-132x devices versions prior to 1.98
Advantech EKI-136x devices versions prior to 1.27
Description
The issue is related to hardcoded SSH keys in the affected devices, making it easier for remote attackers to obtain access via an SSH session. This allows a remote attacker to gain access to the device by establishing an SSH connection.
Recommendations
For Advantech EKI-122x-BE devices versions prior to 1.65, update the firmware to version 1.65 or later.
For Advantech EKI-132x devices versions prior to 1.98, update the firmware to version 1.98 or later.
For Advantech EKI-136x devices versions prior to 1.27, update the firmware to version 1.27 or later.
Correção
Using Hardcoded Credentials
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Eki-122X-Be
Eki-132X
Eki-136X