561 matches found

Carbon Black Blog
added 2019/01/10 4:12 p.m., 12 views

TAU Threat Intelligence Notification: Israbye Wiper

Summary: Israbye is a disk wiper first discovered by a researcher in August 2017, as reported by Bleeping Computer. A newer sample has since been discovered, whose timing appears to coincide with a recent news story that references the Al-Aqsa mosque. This mosque is also referenced within the...

AI score: 1
Exploits: 0

ATTACKERKB
added 2018/11/16 2:29 p.m., 3 views

CVE-2018-9073

Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key to protect certain secrets. Possession of the key can allow an attacker that has already compromised the server to decrypt these secrets...

CVSS: 5.9, AI score: 5.6, EPSS: 0.00141
Exploits: 0, References: 2

OSV
added 2018/10/01 1:29 a.m., 3 views

CVE-2018-17217

An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded encryption key...

CVSS: 7.5, AI score: 5.8
Exploits: 0, References: 1

CNVD
added 2018/08/31 12:00 a.m., 2 views

CA Unified Infrastructure Management Hardcoded Key Vulnerability

CA Unified Infrastructure Management is a powerful unified IT monitoring solution that helps organizations deliver reliable, flexible IT services. A hard-coded key vulnerability exists in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, which can be exploited by an attacker to access...

CVSS: 7.5, AI score: 7.7, EPSS: 0.00249
Exploits: 0, References: 1

Prion
added 2018/08/15 10:29 p.m., 16 views

Hardcoded credentials

DFNDR Security Antivirus, Anti-hacking & Cleaner, 5.0.9, 2017-11-01, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key...

CVSS: 5, AI score: 7.3, EPSS: 0.0011
Exploits: 0, References: 1, Affected Software: 1

Prion
added 2018/08/15 10:29 p.m., 12 views

Hardcoded credentials

Live.me - live stream video chat, 3.7.20, 2017-11-06, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key...

CVSS: 5, AI score: 7.3, EPSS: 0.0011
Exploits: 0, References: 1, Affected Software: 1

The Hacker News
added 2018/05/25 9:16 a.m., 1 views

Z-Wave Downgrade Attack Left Over 100 Million IoT Devices Open to Hackers

Researchers have found that even after having an advanced encryption scheme in place, more than 100 million Internet-of-Things (IoT) devices from thousands of vendors are vulnerable to a downgrade attack that could allow attackers to gain unauthorized access to your devices. The issue resides in th...

AI score: 6.9
Exploits: 0

Prion
added 2018/05/03 6:29 p.m., 14 views

Hardcoded credentials

The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4Windows/2.6.0Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. A low-privilege user could decrypt and modify the backup file in...

CVSS: 6, AI score: 7.5, EPSS: 0.00433
Exploits: 3, References: 2, Affected Software: 1

OSV
added 2018/02/06 12:00 a.m., 1 views

UBUNTU-CVE-2016-3953

The sample web application in web2py before 2.14.2 might allow remote attackers to execute arbitrary code via vectors involving use of a hardcoded encryption key when calling the session.connect function...

CVSS: 9.8, AI score: 7.2, EPSS: 0.12737
Exploits: 2, References: 5

OSV
added 2018/02/05 4:29 a.m., 1 views

CVE-2018-5797

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is an Smintencrypt Hardcoded AES Key that can be used for packet decryption obtaining cleartext credentials by an attacker who has access to a wired port...

CVSS: 7.5, AI score: 5.8
Exploits: 0, References: 1

CNVD
added 2018/02/05 12:00 a.m., 3 views

Extreme Networks ExtremeWireless WiNG Hardcoded AES Key Vulnerability

Extreme Networks ExtremeWireless WiNG is a wireless access solution from Extreme Networks. The Secure MINT static message key is one of the static MINT message keys. A security vulnerability exists in the Secure MINT static message key in Extreme Networks ExtremeWireless WiNG version 5.x prior to...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00136
Exploits: 0, References: 1

OSV
added 2017/10/27 8:29 p.m., 1 views

CVE-2017-15582

In net.MCrypt in the "Diary with lock" aka WriteDiary application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries...

CVSS: 7.5, AI score: 5.8, EPSS: 0.0075
Exploits: 0, References: 2

CNVD
added 2017/09/14 12:00 a.m., 2 views

D-Link DIR-850L REV.A and REV.B Password Disclosure Vulnerability (CNVD-2017-31787)

The D-Link DIR-850L REV.A and REV.B are both wireless router products from AUO D-Link. The security vulnerability in D-Link DIR-850L REV.A and REV.B devices using firmware FW114WWb07h2abbeta1 and prior versions and firmware FW208WWb02 and prior versions stems from the program using the same...

CVSS: 7.5, AI score: 7.6, EPSS: 0.00424
Exploits: 1, References: 1

NVD
added 2017/09/13 5:29 p.m., 18 views

CVE-2017-14422

D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices use the same hardcoded /etc/stunnel.key private key across different customers' installations, which allows remote attackers to defeat the HTTPS cryptographic protection mechanisms...

CVSS: 7.5, AI score: 7.6, EPSS: 0.00424
Exploits: 1, References: 1

OSV
added 2017/08/04 4:29 p.m., 3 views

CVE-2017-10818

MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an attacker to alter the connection settings of Terminal Agent and spoof the Relay Service...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00443
Exploits: 0, References: 2

Veracode
added 2017/05/31 7:37 a.m., 24 views

Insecure Defaults

Moodle is vulnerable to insecure defaults. The library itself uses a hardcoded key for the rc4encrypt and rc4decrypt functions, making it easier for a malicious user to decrypt sensitive information by reading Moodle's source code. The hardcoded password was set to nfgjeingjk...

CVSS: 5, AI score: 6, EPSS: 0.00319
Exploits: 0, References: 7, Affected Software: 1

CVE
added 2017/04/10 7:00 p.m., 55 views

CVE-2017-7648

CVE-2017-7648 concerns Foscam networked devices that reuse the same hardcoded SSL private key across different installations. This root cause enables remote attackers to defeat cryptographic protections by leveraging the known key from another installation, potentially enabling eavesdropping, imp...

CVSS: 8.1, AI score: 8, EPSS: 0.00621
Exploits: 0, References: 1, Affected Software: 12

Prion
added 2017/04/06 9:59 p.m., 14 views

Hardcoded credentials

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML...

CVSS: 7.5, AI score: 9.3, EPSS: 0.0027
Exploits: 0, References: 3, Affected Software: 2

OSV
added 2017/04/06 9:59 p.m., 3 views

CVE-2017-7574

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML...

CVSS: 9.8, AI score: 5.8, EPSS: 0.0027
Exploits: 0, References: 3

NVD
added 2017/04/06 9:59 p.m., 11 views

CVE-2017-7574

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML...

CVSS: 10, AI score: 9.4, EPSS: 0.0027
Exploits: 0, References: 3