EUVD-2020-2668

Malware in sbrugna...

EUVD-2019-6024

Malware in sbrugna...

CVE-2019-14926

An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Hard-coded SSH keys allow an attacker to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on initial installation or with...

CVE-2020-10210

Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through SSH...

Advantech EKI Vulnerable to Bypass, Possible Backdoor

Researchers have uncovered yet another issue–and potential backdoor–in Advantech’s beleaguered EKI-1322 serial device server. The Dropbear SSH daemon associated with the server, because of heavy modifications, fails to enforce authentication. This makes it so any user who wants to bypass...

Advantech EKI Vulnerable to Shellshock, Heartbleed

Twice in the past year, security researchers have found and reported critical vulnerabilities in Modbus gateways built by Advantech that are used to connect serial devices in industrial control environments to IP networks. Most recently, independent security researcher Neil Smith found hard-coded...

Advantech Clears Hard-Coded SSH Keys from EKI Switches

Update Critical industrial switches used worldwide for automation contained hard-coded SSH keys that put devices and networks at risk. Advantech, a Taiwanese distributor, has developed new firmware for its EKI-122x series of products that disables HTTPS and SSH. SSH keys are a means by which...