SSH Key Vulnerability in Multiple Advantech Products

The Advantech EKI-122x-BE, EKI-132x, and EKI-136x are serial device networking servers from Advantech, China, that provide a variety of redundancy configurations and multiple access configurations for remotely monitoring serial devices via Ethernet communication protocols. A security vulnerabilit...

Hardcoded credentials

Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session...

CVE-2015-6476

The CVE-2015-6476 vulnerability affects Advantech EKI-122x-BE (firmware <1.65), EKI-132x (firmware <1.98), and EKI-136x (firmware

Advantech EKI Hard-coded SSH Keys Vulnerability

OVERVIEW Independent researcher Neil Smith has identified a hard-coded SSH key vulnerability in Advantech’s EKI-122X series products. Advantech has produced new firmware to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Advantech reports that the...