CVE-2025-30234

Name of the Vulnerable Software and Affected Versions SmartOS version 60f76fd2-143f-4f57-819b-1ae32684e81b

Description The issue concerns static host SSH keys in a specific Debian 12 LX zone image. This could potentially allow unauthorized access. The estimated number of affected devices is not provided. There is no information about real-world incidents where this issue was exploited. Technical details include the use of hard-coded cryptographic keys, specifically CWE-321 Use of Hard-coded Cryptographic Key.

Recommendations For SmartOS version 60f76fd2-143f-4f57-819b-1ae32684e81b, consider regenerating SSH keys to prevent unauthorized access. As a temporary workaround, restrict access to the affected image until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.