CVE-2016-2333
Summary
| CVE | CVE-2016-2333 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-04-25 18:59:00 UTC |
| Updated | 2016-05-04 19:33:00 UTC |
| Description | SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 use the same hardcoded encryption key across different customers' installations, which allows attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. |
Risk And Classification
Problem Types: CWE-310
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Systech | Syslink Sl-1000 Modular Gateway | - | All | All | All |
| Hardware | Systech | Syslink Sl-1000 Modular Gateway | - | All | All | All |
| Operating System | Systech | Syslink Sl-1000 Modular Gateway Firmware | - | All | All | All |
| Operating System | Systech | Syslink Sl-1000 Modular Gateway Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Vulnerability Note VU#822980 - SysLINK M2M Modular Gateway contains multiple vulnerabilities | CERT-VN | www.kb.cert.org | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.