PT-2016-5118 · Syslink · Sl-1000

Jeremy Allen

Published

2016-04-25

Updated

2016-05-04

CVE-2016-2333

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware prior to 01A.8

Description The issue concerns the use of a hardcoded encryption key across different installations of the device, allowing attackers to bypass cryptographic protection by leveraging knowledge of this key from another installation.

Recommendations For firmware versions prior to 01A.8, update the firmware to version 01A.8 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2016-2333

Affected Products

Sl-1000

PT-2016-5118 · Syslink · Sl-1000

CVE-2016-2333

Weakness Enumeration

Related Identifiers

Affected Products

References · 2