CVE-2021-28912
HIGHBAB TECHNOLOGIE eibPort V3 < 3.9.1 - Weak Hardcoded Root SSH Key Passphrase
Title source: llmDescription
BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own unique hard coded and weak root SSH key passphrase known as 'eibPort string'. This is usable and the final part of an attack chain to gain SSH root access.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://psytester.github.io/CVE-2021-28912
Scores
CVSS v3
7.2
EPSS
0.0119
EPSS Percentile
63.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-521
CWE-798
Status
published
Products (1)
bab-technologie/eibport_firmware
< 3.9.1
Published
Sep 09, 2021
Tracked Since
Feb 18, 2026