CNNVD-202512-614 Information
CNNVD ID
CNNVD-202512-614
Related CVE
- CNNVD Published: 2025-12-05
Description (Chinese)
Advantech WISE-DeviceOn Server是中国台湾研华(Advantech)公司的一个物联网设备管理平台软件。 Advantech WISE-DeviceOn Server 5.4之前版本存在安全漏洞,该漏洞源于使用硬编码加密密钥,可能导致远程攻击者冒充任意账户。
Description (English)
Advantech Weste-DeviceOn Server is a software for the management of a networked equipment platform at Advantech. There was a security loophole in the previous version of Advantech Weste-DeviceOn Server 5.4, which stemmed from the use of hard-coded encryption keys, which could lead to remote attackers impersonating any account.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
研华
Published
2025-12-05
Last Modified
2026-02-24
References
https://advcloudfiles.advantech.com/cms/2ca1b071-fd78-4d7f-8a2a-7b4537a95d19/Security%20Advisory%20PDF%20File/SECURITY-ADVISORY—-DeviceOn.pdf https://docs.deviceon.advantech.com/docs/resource/ https://www.vulncheck.com/advisories/advantech-wise-deviceon-server-hardcoded-jwt-key-authentication-bypass https://access.redhat.com/security/cve/cve-2025-34256
Patch
https://docs.deviceon.advantech.com/docs/resource/
Share on: