Mark Cross

Name of the Vulnerable Software and Affected Versions: Red Lion Controls Sixnet-Managed Industrial Switches version 5.0.196 Red Lion Controls Stride-Managed Ethernet Switches version 5.0.190 Description: The issue is related to the use of hard-coded HTTP SSL/SSH keys in the firmware of the affected devices. This could allow a remote attacker to gain full control over the device, disrupt communication, or compromise the system. Recommendations: For Red Lion Controls Sixnet-Managed Industrial Switches version 5.0.196, update to SLX firmware Version 5.3.174. For Red Lion Controls Stride-Managed Ethernet Switches version 5.0.190, update to SLX firmware Version 5.3.174.