Vulnerability Details CVE-2022-30271
The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.1%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2022-30271
-
cpe:2.3:h:motorola:ace1000:-
-
cpe:2.3:o:motorola:ace1000_firmware:-