CVE-2017-9649 Information

Description

A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000 Transmitter Module iPam Transmitter f/DMC 2000 RDS-31 iTX and variants (including RSD31-AM Package) DRM-1/2 and variants (including Solar PWR Package) DRM and RDS Based Boundary Monitors External Transmitters Telepole II and MESH Repeater (Telemetry Enabled Devices). An unchangeable factory-set key is included in the 900 MHz transmitter firmware.

CVSS Vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Reference

http://www.securityfocus.com/bid/100001 https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

LOW

Base Severity

5.0