A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-17-236-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2017-08-25 09:29
Updated : 2017-08-30 09:58
NVD link : CVE-2016-5816
Mitre link : CVE-2016-5816
JSON object : View
CWE
CWE-798
Use of Hard-coded Credentials
Products Affected
westermo
- mrd-455-din
- mrd-315-din
- mrd-355-din_firmware
- mrd-305-din
- mrd-315-din_firmware
- mrd-455-din_firmware
- mrd-305-din_firmware
- mrd-355-din