Hardcoded Private Keys in WAGO 852-303, 852-1305, and 852-1505 Devices

Hardcoded Private Keys in WAGO 852-303, 852-1305, and 852-1505 Devices

CVE-2019-12549 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.

Learn more about our Cis Benchmark Audit For Print Devices.