CVE-2019-12549

Sažetak

WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.

Reference

https://cert.vde.com/en-us/advisories/vde-2019-013
https://ics-cert.us-cert.gov/advisories/ICSA-19-164-02
https://www.wago.com/us/

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

19-06-2019 - 17:51

Objavljeno

17-06-2019 - 17:15