CVE-2015-6476

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.

Dispositivos Advantech EKI-122x-BE con firmware en versiones anteriores a 1.65, disposititvos EKI-132x con firmware en versiones anteriores a 1.98 y dispositivos EKI-136x con firmware en versiones anteriores a 1.27 tienen claves SSH embebidas, lo que hace más facil a atacantes remotos obtener acceso a través de una sesión SSH.

*Credits: N/A

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-08-17 CVE Reserved
2015-11-07 CVE Published
2023-08-29 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (1)

URL	Tag	Source
https://ics-cert.us-cert.gov/advisories/ICSA-15-309-01	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Advantech Search vendor "Advantech"	Eki-1321 Series Firmware Search vendor "Advantech" for product "Eki-1321 Series Firmware"	<= 1.96 Search vendor "Advantech" for product "Eki-1321 Series Firmware" and version " <= 1.96"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1321 Search vendor "Advantech" for product "Eki-1321"	-	-	Safe
Advantech Search vendor "Advantech"	Eki-1321 Series Firmware Search vendor "Advantech" for product "Eki-1321 Series Firmware"	<= 1.96 Search vendor "Advantech" for product "Eki-1321 Series Firmware" and version " <= 1.96"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1322 Search vendor "Advantech" for product "Eki-1322"	-	-	Safe
Advantech Search vendor "Advantech"	Eki-1322 Series Firmware Search vendor "Advantech" for product "Eki-1322 Series Firmware"	<= 1.96 Search vendor "Advantech" for product "Eki-1322 Series Firmware" and version " <= 1.96"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1321 Search vendor "Advantech" for product "Eki-1321"	-	-	Safe
Advantech Search vendor "Advantech"	Eki-1322 Series Firmware Search vendor "Advantech" for product "Eki-1322 Series Firmware"	<= 1.96 Search vendor "Advantech" for product "Eki-1322 Series Firmware" and version " <= 1.96"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1322 Search vendor "Advantech" for product "Eki-1322"	-	-	Safe
Advantech Search vendor "Advantech"	Eki-1361 Series Firmware Search vendor "Advantech" for product "Eki-1361 Series Firmware"	<= 1.17 Search vendor "Advantech" for product "Eki-1361 Series Firmware" and version " <= 1.17"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1361 Search vendor "Advantech" for product "Eki-1361"	*	-	Safe
Advantech Search vendor "Advantech"	Eki-1361 Series Firmware Search vendor "Advantech" for product "Eki-1361 Series Firmware"	<= 1.17 Search vendor "Advantech" for product "Eki-1361 Series Firmware" and version " <= 1.17"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1362 Search vendor "Advantech" for product "Eki-1362"	*	-	Safe
Advantech Search vendor "Advantech"	Eki-1362 Series Firmware Search vendor "Advantech" for product "Eki-1362 Series Firmware"	<= 1.17 Search vendor "Advantech" for product "Eki-1362 Series Firmware" and version " <= 1.17"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1361 Search vendor "Advantech" for product "Eki-1361"	*	-	Safe
Advantech Search vendor "Advantech"	Eki-1362 Series Firmware Search vendor "Advantech" for product "Eki-1362 Series Firmware"	<= 1.17 Search vendor "Advantech" for product "Eki-1362 Series Firmware" and version " <= 1.17"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1362 Search vendor "Advantech" for product "Eki-1362"	*	-	Safe
Advantech Search vendor "Advantech"	Eki-122x Series Firmware Search vendor "Advantech" for product "Eki-122x Series Firmware"	<= 1.49 Search vendor "Advantech" for product "Eki-122x Series Firmware" and version " <= 1.49"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1221 Search vendor "Advantech" for product "Eki-1221"	-	-	Safe
Advantech Search vendor "Advantech"	Eki-122x Series Firmware Search vendor "Advantech" for product "Eki-122x Series Firmware"	<= 1.49 Search vendor "Advantech" for product "Eki-122x Series Firmware" and version " <= 1.49"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1221d Search vendor "Advantech" for product "Eki-1221d"	-	-	Safe
Advantech Search vendor "Advantech"	Eki-122x Series Firmware Search vendor "Advantech" for product "Eki-122x Series Firmware"	<= 1.49 Search vendor "Advantech" for product "Eki-122x Series Firmware" and version " <= 1.49"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1222 Search vendor "Advantech" for product "Eki-1222"	-	-	Safe
Advantech Search vendor "Advantech"	Eki-122x Series Firmware Search vendor "Advantech" for product "Eki-122x Series Firmware"	<= 1.49 Search vendor "Advantech" for product "Eki-122x Series Firmware" and version " <= 1.49"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1222d Search vendor "Advantech" for product "Eki-1222d"	-	-	Safe
Advantech Search vendor "Advantech"	Eki-122x Series Firmware Search vendor "Advantech" for product "Eki-122x Series Firmware"	<= 1.49 Search vendor "Advantech" for product "Eki-122x Series Firmware" and version " <= 1.49"	-	Affected	in	Advantech Search vendor "Advantech"	Eki-1224 Search vendor "Advantech" for product "Eki-1224"	-	-	Safe