VU#142546: SMA Technologies OpCon UNIX agent adds the same SSH key to all installations

Opsfolio Community
June 21, 2022, 1 year ago
93

Overview SMA Technologies OpCon UNIX agent adds the same SSH key on every installation and subsequent updates. An attacker with access to the private key can gain root access on affected systems. Description During OpCon UNIX agent installation and updates, an SSH public key is added to the root account's authorized_keys file. The corresponding private key titled sma_id_rsa is included with the installation files and is not encrypted with a passphrase. Removal of the OpCon software does not remove the...

Source: https://kb.cert.org/vuls/id/142546

VU#142546: SMA Technologies OpCon UNIX agent adds the same SSH key to all installations

VU#142546: SMA Technologies OpCon UNIX agent adds the same SSH key to all installations

Subscribe To Our Newsletter!

Popular Posts

What A Cybersecurity Degree Teach You About Protecting Businesses Against Threats

Steps to creating a healthcare app

Cybersecurity Tips For Freelance Healthcare Workers

How to Create a Secure Healthcare Website?

How to keep your child safe from infections when you are not at home?

POPULAR Media

Ransomware Payouts Are On The Rise

Defense Against Socially Engineered Attacks

Address Ransomware With Multiple Layered Security

Hitrust – Streamlining the Compliance Process