PT-2022-9429 · Amc2 · Amc2

Alexander Nochvay · Published 2022-01-19 · Updated 2022-01-28 · CVE-2021-23842

CVSS v3.1: 7.1 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

AMC2 (affected versions not specified)

Description

The issue concerns the use of the Blowfish symmetric encryption algorithm in communication between the AMC2 and the host system. An attacker with access to the local network, typically on the same subnet, could retrieve the key from the firmware to decrypt network traffic. This allows the attacker to modify network traffic, decrypt and investigate the device's firmware file, and change the device configuration.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Using Hardcoded Credentials

Related Identifiers

CVE-2021-23842

Affected Products

Amc2