CVE-2013-0137
published 2013-06-30CVE-2013-0137: The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains…
PriorityP261critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
13.45%
96.0th percentile
The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| digital_alert_systems | dasdec_eas | <= 2.0-1 | — |
| digital_alert_systems | dasdec_eas | — | — |
| monroe_electronics | r189_one-net_eas | <= 2.0-1 | — |
| monroe_electronics | r189_one-net_eas | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect SSH login attempts to DASDEC-I or DASDEC-II devices using the hard-coded/publicly-known root SSH private key extracted from publicly available firmware images; any successful root SSH session to these devices on software versions prior to 2.0-2 should be treated as a compromise indicator. ↗
- →Alert on any inbound SSH sessions authenticating as root to Monroe Electronics DASDEC-I/DASDEC-II or Digital Alert Systems DASDEC EAS devices, especially from external/internet-facing sources. ↗
- →Monitor for unauthorized EAS alert broadcasts or spoofed emergency alerts originating from DASDEC devices, which may indicate exploitation of the hard-coded SSH key for root access. ↗
- ·Only devices running firmware versions prior to 2.0-2 are vulnerable; the hard-coded SSH key is present in the default configuration and in publicly available firmware images. ↗
- ·The vulnerability stems from a known/hard-coded SSH private key shipped in the default configuration of both the Digital Alert Systems DASDEC EAS device and Monroe Electronics R189 One-Net EAS device before version 2.0-2. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Monroe Electronics DASDEC Compromised Root SSH Key
cisa_ics·2013-07-03
Monroe Electronics DASDEC Compromised Root SSH Key
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Monroe Electronics DASDEC Compromised Root SSH Key
Last RevisedJuly 03, 2013
Alert CodeICSA-13-184-02
## OVERVIEW
This advisory provides mitigation details for a vulnerability that impacts the Monroe Electronics DASDEC.
Mike Davis, a researcher with IOActive, reported a compromised root SSH key vulnerability to CERT Coordination Center (CERT/CC). This vulnerability is in Monroe Electronics DASDEC‑I and DASDEC-II appliances. ICS-CERT coordinated with CERT/CC and Monroe Electronics to resolve the vulnerability. Monroe Electronics has produced an update that mitigates this vulnera
GHSA
GHSA-p7h3-gh8g-5vrc: The default configuration of the Digital Alert Systems DASDEC EAS device before 2
ghsa_unreviewed·2022-05-05
CVE-2013-0137 [HIGH] GHSA-p7h3-gh8g-5vrc: The default configuration of the Digital Alert Systems DASDEC EAS device before 2
The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdfhttp://www.kb.cert.org/vuls/id/662676http://www.kb.cert.org/vuls/id/AAMN-98MU7Hhttp://www.kb.cert.org/vuls/id/AAMN-98MUK2http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdfhttps://securityledger.com/2020/01/seven-years-later-scores-of-eas-systems-sit-un-patched-vulnerable/http://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdfhttp://www.kb.cert.org/vuls/id/662676http://www.kb.cert.org/vuls/id/AAMN-98MU7Hhttp://www.kb.cert.org/vuls/id/AAMN-98MUK2http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdfhttps://securityledger.com/2020/01/seven-years-later-scores-of-eas-systems-sit-un-patched-vulnerable/
2013-06-30
Published