CVE-2017-9649
20.09.2017, 16:29
A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). An unchangeable, factory-set key is included in the 900 MHz transmitter firmware.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mirion_technologies | dmc_3000_firmware | - |
| mirion_technologies | ipam_transmitter_f\/dmc_2000_firmware | - |
| mirion_technologies | telepole_ii_firmware | - |
| mirion_technologies | rds-31_itx_firmware | - |
| mirion_technologies | rsd31-am_firmware | - |
| mirion_technologies | wrm2_mesh_repeater_firmware | - |
| mirion_technologies | drm-1\/2_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-321 - Use of Hard-coded Cryptographic KeyThe use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.
- CWE-798 - Use of Hard-coded CredentialsThe software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.