PT-2016-5118 · Syslink · Sl-1000
Jeremy Allen
+1
·
Publicado
2016-04-25
·
Atualizado
2016-05-04
·
CVE-2016-2333
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware prior to 01A.8
Description
The issue concerns the use of a hardcoded encryption key across different installations of the device, allowing attackers to bypass cryptographic protection by leveraging knowledge of this key from another installation.
Recommendations
For firmware versions prior to 01A.8, update the firmware to version 01A.8 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sl-1000