The Meinberg SyncBox/PTP/PTPv2 devices have default SSH keys which allow attackers to get root access to the devices. All firmware versions up to v5.34o, v5.34s, v5.32* or 5.34g are affected. The private key is also used in an internal interface of another Meinberg Device and can be extracted from a firmware update of this device. An update to fix the vulnerability was published by the vendor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Syncbox/ptpv2_firmware | Meinbergglobal | * | 5.34o (excluding) |