CVE-2022-30271 Information

Description

The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. Thus this hardcoded key is likely to be used by default.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06 https://www.forescout.com/blog/