1. Home
  2. CVE Database
  3. CVE-2015-6476
HIGH · 10.0

CVE-2015-6476

Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for r...

Vulnerability Description

Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
AdvantechEki-1321 Series Firmware<= 1.96
AdvantechEki-1322 Series Firmware<= 1.96
AdvantechEki-1321-
AdvantechEki-1322-
AdvantechEki-1361 Series Firmware<= 1.17
AdvantechEki-1362 Series Firmware<= 1.17
AdvantechEki-1361All versions
AdvantechEki-1362All versions
AdvantechEki-122X Series Firmware<= 1.49
AdvantechEki-1221-
AdvantechEki-1221D-
AdvantechEki-1222-
AdvantechEki-1222D-
AdvantechEki-1224-

References

FAQ

What is CVE-2015-6476?

CVE-2015-6476 is a vulnerability with a CVSS score of 10.0 (HIGH). Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for r...

How severe is CVE-2015-6476?

CVE-2015-6476 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-6476?

Check the references section above for vendor advisories and patch information. Affected products include: Advantech Eki-1321 Series Firmware, Advantech Eki-1322 Series Firmware, Advantech Eki-1321, Advantech Eki-1322, Advantech Eki-1361 Series Firmware.