CVE-2024-25730

Name of the Vulnerable Software and Affected Versions Hitron CODA-4582 and CODA-4589 devices (affected versions not specified)

Description The issue is related to insufficient entropy due to the use of default PSKs, which are generated from 5-digit hex values concatenated with a "Hitron" substring. This results in a limited number of possibilities, approximately one million. Exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For Hitron CODA-4582 and CODA-4589 devices, consider changing the default PSK to a stronger, unique password to minimize the risk of exploitation. As a temporary workaround, restrict access to the devices until a more secure configuration can be implemented. Avoid using the default PSKs for any sensitive or production environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.