cbcvebase.
CVE-2013-0137
published 2013-06-30

CVE-2013-0137: The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains…

PriorityP261critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
13.45%
96.0th percentile
The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session.

Affected

4 ranges
VendorProductVersion rangeFixed in
digital_alert_systemsdasdec_eas<= 2.0-1
digital_alert_systemsdasdec_eas
monroe_electronicsr189_one-net_eas<= 2.0-1
monroe_electronicsr189_one-net_eas

Detection & IOCsextracted from sources · hover to see the quote

port22 (SSH)
  • Detect SSH login attempts to DASDEC-I or DASDEC-II devices using the hard-coded/publicly-known root SSH private key extracted from publicly available firmware images; any successful root SSH session to these devices on software versions prior to 2.0-2 should be treated as a compromise indicator.
  • Alert on any inbound SSH sessions authenticating as root to Monroe Electronics DASDEC-I/DASDEC-II or Digital Alert Systems DASDEC EAS devices, especially from external/internet-facing sources.
  • Monitor for unauthorized EAS alert broadcasts or spoofed emergency alerts originating from DASDEC devices, which may indicate exploitation of the hard-coded SSH key for root access.
  • ·Only devices running firmware versions prior to 2.0-2 are vulnerable; the hard-coded SSH key is present in the default configuration and in publicly available firmware images.
  • ·The vulnerability stems from a known/hard-coded SSH private key shipped in the default configuration of both the Digital Alert Systems DASDEC EAS device and Monroe Electronics R189 One-Net EAS device before version 2.0-2.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.