3 matches found
Westermo Industrial Switch Hard-coded Certificate Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-028-01 Westermo Industrial Switch Hard-Coded Certificate Vulnerability that was published January 28, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified a hard-coded certifica...
CVE-2015-7923
Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key...
CVE-2015-7923
Westermo WeOS before 4.19.0 uses the same SSL private key across different customer installations, allowing remote MITM if an attacker leverages knowledge of the key. Root cause: hard-coded SSL keys in the WeOS software. Affected software: Westermo WeOS (