Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-6476 (GCVE-0-2015-6476)
Vulnerability from cvelistv5 – Published: 2015-11-07 02:00 – Updated: 2024-08-06 07:22
VLAI?
EPSS
Summary
Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Date Public ?
2015-11-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:22:21.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-07T02:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-6476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-6476",
"datePublished": "2015-11-07T02:00:00.000Z",
"dateReserved": "2015-08-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:22:21.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2015-6476",
"date": "2026-04-19",
"epss": "0.00325",
"percentile": "0.55585"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-6476\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2015-11-07T03:59:00.127\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.\"},{\"lang\":\"es\",\"value\":\"Dispositivos Advantech EKI-122x-BE con firmware en versiones anteriores a 1.65, disposititvos EKI-132x con firmware en versiones anteriores a 1.98 y dispositivos EKI-136x con firmware en versiones anteriores a 1.27 tienen claves SSH embebidas, lo que hace m\u00e1s facil a atacantes remotos obtener acceso a trav\u00e9s de una sesi\u00f3n SSH.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:advantech:eki-1321_series_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.96\",\"matchCriteriaId\":\"1890F2BC-F142-416F-849C-2E373A06FCA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:advantech:eki-1322_series_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.96\",\"matchCriteriaId\":\"BE9EAB7C-D317-4CDD-889B-AA421DF76694\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:eki-1321:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D7B68EA-F9AD-4CC6-BAFA-B5129EEFE856\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:eki-1322:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A27AED1-8435-4E68-98B7-22E2ECE6174D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:advantech:eki-1361_series_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.17\",\"matchCriteriaId\":\"6F301098-8128-4926-90D6-0190964891D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:advantech:eki-1362_series_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.17\",\"matchCriteriaId\":\"35F5689B-F1D2-400D-8DD5-C9DD5AAE72F4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:eki-1361:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"925AC192-E081-450A-BFB4-73CF9728E22C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:eki-1362:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21ED3DFA-0A24-412F-ABDC-8C23893DAB37\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:advantech:eki-122x_series_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.49\",\"matchCriteriaId\":\"8217E10B-54CA-4664-A721-9CBA23A23F2B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:eki-1221:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"519A0B53-DACF-46FD-B52C-8691B931F6DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:eki-1221d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BCC7BB2-333E-4C90-A2DE-81C9017AFD3F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:eki-1222:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23B86996-68E7-4314-8F28-2B275AFD3576\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:eki-1222d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"205149C4-040E-4F2C-A0B8-B39EE42CB70B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:eki-1224:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F74E576-4E04-48B0-8031-5F80E59EBFCE\"}]}]}],\"references\":[{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/798.html\\\" target=\\\"_blank\\\"\u003eCWE-798: Use of Hard-coded Credentials\u003c/a\u003e\"}}"
}
}
CNVD-2015-07475
Vulnerability from cnvd - Published: 2015-11-12
VLAI Severity ?
Title
多款Advantech产品SSH密钥漏洞
Description
Advantech EKI-122x-BE、EKI-132x和EKI-136x都是中国研华(Advantech)公司的串口设备联网服务器,它可通过以太网通讯协议为远程监控串行设备提供各种冗余配置和多路存取配置。
多款Advantech产品中存在安全漏洞。由于程序使用硬编码的SSH密钥。远程攻击者可通过SSH会话利用该漏洞获取访问权限。
Severity
高
Patch Name
多款Advantech产品SSH密钥漏洞的补丁
Patch Description
Advantech EKI-122x-BE、EKI-132x和EKI-136x都是中国研华(Advantech)公司的串口设备联网服务器,它可通过以太网通讯协议为远程监控串行设备提供各种冗余配置和多路存取配置。
多款Advantech产品中存在安全漏洞。由于程序使用硬编码的SSH密钥。远程攻击者可通过SSH会话利用该漏洞获取访问权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可联系供应商获得补丁信息: http://www.advantech.com/
Reference
https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01
Impacted products
| Name | ['Advantech EKI-122X-BE <1.65', 'Advantech EKI-132X <1.98', 'Advantech EKI-136x <1.27'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2015-6476"
}
},
"description": "Advantech EKI-122x-BE\u3001EKI-132x\u548cEKI-136x\u90fd\u662f\u4e2d\u56fd\u7814\u534e\uff08Advantech\uff09\u516c\u53f8\u7684\u4e32\u53e3\u8bbe\u5907\u8054\u7f51\u670d\u52a1\u5668\uff0c\u5b83\u53ef\u901a\u8fc7\u4ee5\u592a\u7f51\u901a\u8baf\u534f\u8bae\u4e3a\u8fdc\u7a0b\u76d1\u63a7\u4e32\u884c\u8bbe\u5907\u63d0\u4f9b\u5404\u79cd\u5197\u4f59\u914d\u7f6e\u548c\u591a\u8def\u5b58\u53d6\u914d\u7f6e\u3002\r\n\r\n\u591a\u6b3eAdvantech\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u7531\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u786c\u7f16\u7801\u7684SSH\u5bc6\u94a5\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7SSH\u4f1a\u8bdd\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u8bbf\u95ee\u6743\u9650\u3002",
"discovererName": "ICS-CERT",
"formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.advantech.com/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-07475",
"openTime": "2015-11-12",
"patchDescription": "Advantech EKI-122x-BE\u3001EKI-132x\u548cEKI-136x\u90fd\u662f\u4e2d\u56fd\u7814\u534e\uff08Advantech\uff09\u516c\u53f8\u7684\u4e32\u53e3\u8bbe\u5907\u8054\u7f51\u670d\u52a1\u5668\uff0c\u5b83\u53ef\u901a\u8fc7\u4ee5\u592a\u7f51\u901a\u8baf\u534f\u8bae\u4e3a\u8fdc\u7a0b\u76d1\u63a7\u4e32\u884c\u8bbe\u5907\u63d0\u4f9b\u5404\u79cd\u5197\u4f59\u914d\u7f6e\u548c\u591a\u8def\u5b58\u53d6\u914d\u7f6e\u3002\r\n\u591a\u6b3eAdvantech\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u7531\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u786c\u7f16\u7801\u7684SSH\u5bc6\u94a5\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7SSH\u4f1a\u8bdd\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eAdvantech\u4ea7\u54c1SSH\u5bc6\u94a5\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Advantech EKI-122X-BE \u003c1.65",
"Advantech EKI-132X \u003c1.98",
"Advantech EKI-136x \u003c1.27"
]
},
"referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01",
"serverity": "\u9ad8",
"submitTime": "2015-11-10",
"title": "\u591a\u6b3eAdvantech\u4ea7\u54c1SSH\u5bc6\u94a5\u6f0f\u6d1e"
}
BDU:2016-00269
Vulnerability from fstec - Published: 07.11.2015
VLAI Severity ?
Title
Уязвимость встроенного программного обеспечения промышленного Ethernet-коммутатора EKI серий 1361, 1362, 1321, 122х, 1322 позволяющая нарушителю получить доступ к устройству
Description
Уязвимость встроенного программного обеспечения промышленного Ethernet-коммутатора EKI серий 1361, 1362, 1321, 122х, 1322 содержит ключи SSH по умолчанию. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить доступ к устройству путём установки SSH-соединения
Severity ?
Vendor
Advantech Co., Ltd
Software Name
EKI серии 1361, EKI серии 1362, EKI серии 1321, EKI серии 122X, EKI серии 1322
Software Version
до 1.27 (EKI серии 1361), до 1.27 (EKI серии 1362), до 1.98 (EKI серии 1321), до 1.65 (EKI серии 122X), до 1.98 (EKI серии 1322)
Possible Mitigations
Рекомендации по устранению доступны по адресу:
https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01
Reference
https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01
CWE
CWE-798
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Advantech Co., Ltd",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 1.27 (EKI \u0441\u0435\u0440\u0438\u0438 1361), \u0434\u043e 1.27 (EKI \u0441\u0435\u0440\u0438\u0438 1362), \u0434\u043e 1.98 (EKI \u0441\u0435\u0440\u0438\u0438 1321), \u0434\u043e 1.65 (EKI \u0441\u0435\u0440\u0438\u0438 122X), \u0434\u043e 1.98 (EKI \u0441\u0435\u0440\u0438\u0438 1322)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443:\nhttps://ics-cert.us-cert.gov/advisories/ICSA-15-309-01",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "07.11.2015",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "08.02.2016",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2016-00269",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2015-6476",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "EKI \u0441\u0435\u0440\u0438\u0438 1361, EKI \u0441\u0435\u0440\u0438\u0438 1362, EKI \u0441\u0435\u0440\u0438\u0438 1321, EKI \u0441\u0435\u0440\u0438\u0438 122X, EKI \u0441\u0435\u0440\u0438\u0438 1322",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0433\u043e Ethernet-\u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430 EKI \u0441\u0435\u0440\u0438\u0439 1361, 1362, 1321, 122\u0445, 1322 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0416\u0435\u0441\u0442\u043a\u043e\u0435 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-798)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0433\u043e Ethernet-\u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430 EKI \u0441\u0435\u0440\u0438\u0439 1361, 1362, 1321, 122\u0445, 1322 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043a\u043b\u044e\u0447\u0438 SSH \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 \u043f\u0443\u0442\u0451\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 SSH-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-798",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)"
}
FKIE_CVE-2015-6476
Vulnerability from fkie_nvd - Published: 2015-11-07 03:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:advantech:eki-1321_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1890F2BC-F142-416F-849C-2E373A06FCA3",
"versionEndIncluding": "1.96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:advantech:eki-1322_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9EAB7C-D317-4CDD-889B-AA421DF76694",
"versionEndIncluding": "1.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:advantech:eki-1321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7B68EA-F9AD-4CC6-BAFA-B5129EEFE856",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:advantech:eki-1322:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A27AED1-8435-4E68-98B7-22E2ECE6174D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:advantech:eki-1361_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F301098-8128-4926-90D6-0190964891D8",
"versionEndIncluding": "1.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:advantech:eki-1362_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35F5689B-F1D2-400D-8DD5-C9DD5AAE72F4",
"versionEndIncluding": "1.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:advantech:eki-1361:*:*:*:*:*:*:*:*",
"matchCriteriaId": "925AC192-E081-450A-BFB4-73CF9728E22C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:advantech:eki-1362:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21ED3DFA-0A24-412F-ABDC-8C23893DAB37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:advantech:eki-122x_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8217E10B-54CA-4664-A721-9CBA23A23F2B",
"versionEndIncluding": "1.49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:advantech:eki-1221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "519A0B53-DACF-46FD-B52C-8691B931F6DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:advantech:eki-1221d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BCC7BB2-333E-4C90-A2DE-81C9017AFD3F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:advantech:eki-1222:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23B86996-68E7-4314-8F28-2B275AFD3576",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:advantech:eki-1222d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "205149C4-040E-4F2C-A0B8-B39EE42CB70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:advantech:eki-1224:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F74E576-4E04-48B0-8031-5F80E59EBFCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session."
},
{
"lang": "es",
"value": "Dispositivos Advantech EKI-122x-BE con firmware en versiones anteriores a 1.65, disposititvos EKI-132x con firmware en versiones anteriores a 1.98 y dispositivos EKI-136x con firmware en versiones anteriores a 1.27 tienen claves SSH embebidas, lo que hace m\u00e1s facil a atacantes remotos obtener acceso a trav\u00e9s de una sesi\u00f3n SSH."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/798.html\" target=\"_blank\"\u003eCWE-798: Use of Hard-coded Credentials\u003c/a\u003e",
"id": "CVE-2015-6476",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-07T03:59:00.127",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
VAR-201511-0046
Vulnerability from variot - Updated: 2025-04-13 23:09Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlBy a third party SSH Access may be gained through a session. Advantech EKI-122x-BE, EKI-132x and EKI-136x are all serial device networking servers of Advantech, Inc., which provide various redundant configurations and multiple channels for remote monitoring of serial devices via Ethernet communication protocol. Access configuration. Security vulnerabilities exist in several Advantech products. Multiple Advantech EKI products are prone to a security-bypass vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0046",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "eki-1321 series",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "1.96"
},
{
"model": "eki-122x series",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "1.49"
},
{
"model": "eki-1361 series",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "1.17"
},
{
"model": "eki-1322 series",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "1.96"
},
{
"model": "eki-1362 series",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "1.17"
},
{
"model": "eki-1221",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"model": "eki-1221d",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"model": "eki-1222",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"model": "eki-1222d",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"model": "eki-1224",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"model": "eki-122x series",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "1.65"
},
{
"model": "eki-1321",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"model": "eki-1321 series",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "1.98"
},
{
"model": "eki-1322",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"model": "eki-1322 series",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "1.98"
},
{
"model": "eki-1361",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"model": "eki-1361 series",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "1.27"
},
{
"model": "eki-1362",
"scope": null,
"trust": 0.8,
"vendor": "advantech",
"version": null
},
{
"model": "eki-1362 series",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "1.27"
},
{
"model": "eki-122x-be",
"scope": "lt",
"trust": 0.6,
"vendor": "advantech",
"version": "1.65"
},
{
"model": "eki-132x",
"scope": "lt",
"trust": 0.6,
"vendor": "advantech",
"version": "1.98"
},
{
"model": "eki-136x",
"scope": "lt",
"trust": 0.6,
"vendor": "advantech",
"version": "1.27"
},
{
"model": "eki-1361 series",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "1.17"
},
{
"model": "eki-122x series",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "1.49"
},
{
"model": "eki-1321 series",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "1.96"
},
{
"model": "eki-1362 series",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "1.17"
},
{
"model": "eki-1322 series",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "1.96"
},
{
"model": "eki-1360",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "0"
},
{
"model": "eki-1320",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "0"
},
{
"model": "eki-1220-be",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "0"
},
{
"model": "eki-1360",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "1.27"
},
{
"model": "eki-1320",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "1.98"
},
{
"model": "eki-1220-be",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "1.65"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "eki 1321 series",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "eki 1322 series",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "eki 1361 series",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "eki 1362 series",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "eki 122x series",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"db": "BID",
"id": "77498"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-113"
},
{
"db": "NVD",
"id": "CVE-2015-6476"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:advantech:eki-1221",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:advantech:eki-1221d",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:advantech:eki-1222",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:advantech:eki-1222d",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:advantech:eki-1224",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:advantech:eki-122x_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:advantech:eki-1321",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:advantech:eki-1321_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:advantech:eki-1322",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:advantech:eki-1322_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:advantech:eki-1361",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:advantech:eki-1361_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:advantech:eki-1362",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:advantech:eki-1362_series_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Neil Smith",
"sources": [
{
"db": "BID",
"id": "77498"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6476",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6476",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-07475",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-84437",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6476",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6476",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2015-07475",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-113",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84437",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"db": "VULHUB",
"id": "VHN-84437"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-113"
},
{
"db": "NVD",
"id": "CVE-2015-6476"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlBy a third party SSH Access may be gained through a session. Advantech EKI-122x-BE, EKI-132x and EKI-136x are all serial device networking servers of Advantech, Inc., which provide various redundant configurations and multiple channels for remote monitoring of serial devices via Ethernet communication protocol. Access configuration. Security vulnerabilities exist in several Advantech products. Multiple Advantech EKI products are prone to a security-bypass vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6476"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"db": "BID",
"id": "77498"
},
{
"db": "IVD",
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-84437"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6476",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-15-309-01",
"trust": 3.4
},
{
"db": "CNNVD",
"id": "CNNVD-201511-113",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2015-07475",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005812",
"trust": 0.8
},
{
"db": "BID",
"id": "77498",
"trust": 0.4
},
{
"db": "IVD",
"id": "7C6174C4-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-89764",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-84437",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"db": "VULHUB",
"id": "VHN-84437"
},
{
"db": "BID",
"id": "77498"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-113"
},
{
"db": "NVD",
"id": "CVE-2015-6476"
}
]
},
"id": "VAR-201511-0046",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"db": "VULHUB",
"id": "VHN-84437"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07475"
}
]
},
"last_update_date": "2025-04-13T23:09:44.756000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "EKI-136*",
"trust": 0.8,
"url": "http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-136*\u0026searchtabs=Firmware"
},
{
"title": "EKI-132*",
"trust": 0.8,
"url": "http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-132*\u0026searchtabs=Firmware"
},
{
"title": "EKI-122*",
"trust": 0.8,
"url": "http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-122*\u0026searchtabs=Firmware"
},
{
"title": "Patches for several Advantech product SSH key vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/66571"
},
{
"title": "Multiple Advantech Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58608"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-113"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"db": "NVD",
"id": "CVE-2015-6476"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-309-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6476"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6476"
},
{
"trust": 0.3,
"url": "http://www.advantech.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"db": "VULHUB",
"id": "VHN-84437"
},
{
"db": "BID",
"id": "77498"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-113"
},
{
"db": "NVD",
"id": "CVE-2015-6476"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"db": "VULHUB",
"id": "VHN-84437"
},
{
"db": "BID",
"id": "77498"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-113"
},
{
"db": "NVD",
"id": "CVE-2015-6476"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-12T00:00:00",
"db": "IVD",
"id": "7c6174c4-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-11-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"date": "2015-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-84437"
},
{
"date": "2015-11-05T00:00:00",
"db": "BID",
"id": "77498"
},
{
"date": "2015-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"date": "2015-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-113"
},
{
"date": "2015-11-07T03:59:00.127000",
"db": "NVD",
"id": "CVE-2015-6476"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07475"
},
{
"date": "2015-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-84437"
},
{
"date": "2015-11-05T00:00:00",
"db": "BID",
"id": "77498"
},
{
"date": "2015-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005812"
},
{
"date": "2015-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-113"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-6476"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-113"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Advantech EKI Vulnerability to gain access rights in device firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005812"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "77498"
}
],
"trust": 0.3
}
}
ICSA-15-309-01
Vulnerability from csaf_cisa - Published: 2015-08-08 06:00 - Updated: 2025-06-09 16:27Summary
Advantech EKI Hard-coded SSH Keys Vulnerability
Notes
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices: CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
6.5 (Medium)
Mitigation
Update EKI-136* product line to the latest version. (http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-136*&searchtabs=Firmware)
http://support.advantech.com.tw/Support/SearchRes…
Mitigation
Update EKI-132* product line to the latest version. (http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-132*&searchtabs=Firmware)
http://support.advantech.com.tw/Support/SearchRes…
Mitigation
Update EKI-122* product line to the latest version. (http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-122*&searchtabs=Firmware)
http://support.advantech.com.tw/Support/SearchRes…
References
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-309-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-309-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-309-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-309-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Advantech EKI Hard-coded SSH Keys Vulnerability",
"tracking": {
"current_release_date": "2025-06-09T16:27:27.090625Z",
"generator": {
"date": "2025-06-09T16:27:27.090529Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-309-01",
"initial_release_date": "2015-08-08T06:00:00.000000Z",
"revision_history": [
{
"date": "2015-08-08T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-09T16:27:27.090625Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.27",
"product": {
"name": "Advantech EKI-136* product line firmware: \u003c1.27",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "EKI-136* product line firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.98",
"product": {
"name": "Advantech EKI-132* product line firmware: \u003c1.98",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "EKI-132* product line firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.65",
"product": {
"name": "Advantech EKI-122*-BE product line firmware: \u003c1.65",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "EKI-122*-BE product line firmware"
}
],
"category": "vendor",
"name": "Advantech"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-6476",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Update EKI-136* product line to the latest version. (http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-136*\u0026searchtabs=Firmware)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-136*\u0026searchtabs=Firmware"
},
{
"category": "mitigation",
"details": "Update EKI-132* product line to the latest version. (http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-132*\u0026searchtabs=Firmware)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-132*\u0026searchtabs=Firmware"
},
{
"category": "mitigation",
"details": "Update EKI-122* product line to the latest version. (http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-122*\u0026searchtabs=Firmware)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "http://support.advantech.com.tw/Support/SearchResult.aspx?keyword=EKI-122*\u0026searchtabs=Firmware"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
}
]
}
GSD-2015-6476
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-6476",
"description": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.",
"id": "GSD-2015-6476"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-6476"
],
"details": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.",
"id": "GSD-2015-6476",
"modified": "2023-12-13T01:20:04.581748Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-6476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:advantech:eki-1322_series_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.96",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:advantech:eki-1321_series_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.96",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:advantech:eki-1322:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:advantech:eki-1321:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:advantech:eki-1361_series_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.17",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:advantech:eki-1362_series_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.17",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:advantech:eki-1362:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:advantech:eki-1361:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:advantech:eki-122x_series_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.49",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:advantech:eki-1221:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:advantech:eki-1221d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:advantech:eki-1222:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:advantech:eki-1222d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:advantech:eki-1224:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-6476"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2015-11-09T19:18Z",
"publishedDate": "2015-11-07T03:59Z"
}
}
}
GHSA-C77H-W7C8-63X2
Vulnerability from github – Published: 2022-05-17 04:02 – Updated: 2022-05-17 04:02
VLAI?
Details
Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.
{
"affected": [],
"aliases": [
"CVE-2015-6476"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-11-07T03:59:00Z",
"severity": "HIGH"
},
"details": "Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.",
"id": "GHSA-c77h-w7c8-63x2",
"modified": "2022-05-17T04:02:44Z",
"published": "2022-05-17T04:02:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6476"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…