CVE-2018-5399

EPSS 0.21%
Veröffentlicht 08.10.2018 15:29:02
Zuletzt bearbeitet 21.11.2024 04:08:44
Quelle cret@cert.org
CVE-Watchlists
Login
Unerledigt
Login

The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. The server is configured to use password only authentication not cryptographic keys, however the firmware image contains an RSA host-key for the server. An attacker can exploit this vulnerability to gain root access to the Angstrom Linux operating system and modify any binaries or configuration files in the firmware. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Auto-maskin ≫ Dcu-210e Firmware Version < 3.7

Auto-maskin ≫ Dcu-210e Version-

Auto-maskin ≫ Rp-210e Firmware Version < 3.7

Auto-maskin ≫ Rp-210e Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.21%	0.397

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
cret@cert.org	9.4	3.9	5.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://www.kb.cert.org/vuls/id/176301

Third Party Advisory

US Government Resource

https://www.us-cert.gov/ics/advisories/icsa-20-051-04

https://nvd.nist.gov/vuln/detail/CVE-2018-5399

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-5399

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-5399

EUVD