CVE-2019-19753

Name of the Vulnerable Software and Affected Versions SimpleMiningOS versions through v1259

Description The issue allows man-in-the-middle attacks due to SSH host keys being baked into the installation image. This also makes it trivial to identify all public IPv4 nodes using Shodan.io. The vendor has indicated no plans to fix this issue and discourages deployment using public IPv4.

Recommendations For SimpleMiningOS versions through v1259, consider disabling public IPv4 deployment as recommended by the vendor, and explore alternative secure deployment options to minimize the risk of man-in-the-middle attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.