PT-2024-13699 · Precor · Precor Touchscreen Console
Anthony Ioppolo
+1
·
Published
2024-06-07
·
Updated
2024-09-13
·
CVE-2023-49224
CVSS v3.1
8.0
High
| Vector | AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Precor touchscreen console versions P62, P80, and P82
Description
The issue concerns a default SSH public key in the authorized keys file, which could be exploited by a remote attacker to gain root privileges.
Recommendations
For Precor touchscreen console versions P62, P80, and P82, remove the default SSH public key from the authorized keys file to prevent unauthorized access.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Precor Touchscreen Console