cbcvebase.
CVE-2015-7938
published 2016-01-09

CVE-2015-7938: Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors.

PriorityP261critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
3.76%
88.6th percentile
Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors.

Affected

2 ranges
VendorProductVersion rangeFixed in
advantecheki-1321_series_firmware<= 2015-10-06
advantecheki-1322_series_firmware<= 2015-10-06

Detection & IOCsextracted from sources · hover to see the quote

  • Authentication bypass vulnerability (CVE-2015-7938) affects Advantech EKI-132x platform devices; any unauthenticated access to device management interfaces on these devices should be treated as suspicious
  • Exploits for this authentication bypass are publicly available and require only low skill to use; monitor for unexpected or unauthenticated sessions on Advantech EKI-132x Modbus gateway management interfaces
  • Exploitation is fully remote with no authentication required (CVSS vector AV:N/AC:L/PR:N/UI:N); alert on any remote management activity to EKI-132x devices from untrusted network segments
  • ·Vulnerability affects EKI-132x firmware versions prior to the December 31, 2015 release; devices running firmware dated before 2015-12-31 are vulnerable
  • ·The authentication bypass vector is unspecified in public disclosures; no specific bypass parameter, cookie, or path has been published, limiting signature-based detection

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.