Hardcoded SSL Private Key Vulnerability in ATEN IP KVM Switches and Power-Control Units
CVE-2009-1477

Currently unrated

Key Information:

Vendor

Aten

Status
Pn9108 Power Over The Net
Kn9116 Ip Kvm Switch
Kh1516i Ip Kvm Switch
Vendor
CVE Published:
27 May 2009

What is CVE-2009-1477?

The ATEN KH1516i and KN9116 IP KVM switches, along with the PN9108 power-control unit, contain a hardcoded SSL private key in their firmware. This vulnerability allows remote attackers to extract the key from their own switches, enabling them to decrypt SSL-encrypted sessions of other clients within the same network. This potential exposure could lead to unauthorized access and compromise of sensitive data during active https sessions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/50851
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/35108
vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/503827/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.