Skip to main content

CWE-1394

Use of Default Cryptographic Key

11 CVEs Avg CVSS 6.5 MITRE
4
CRITICAL
0
HIGH
5
MEDIUM
2
LOW
1
POC
0
KEV

Monthly

CVE-2026-54887 MEDIUM PATCH This Month

The DTLS server in Erlang/OTP ssl initializes its cookie secret to a hardcoded empty binary on startup, making HMAC-based cookie computation deterministic and fully predictable to any network observer for the 0-to-15-second window before the first secret rotation. Any attacker who can observe a plaintext DTLS ClientHello during this window can forge valid cookies, bypassing the RFC 6347 §4.2.1 source address verification mechanism and enabling handshake amplification attacks with spoofed source IPs. No public exploit has been identified at time of analysis; vendor-released patches are available in OTP 29.0.3, 28.5.0.3, and 27.3.4.14.

Authentication Bypass Otp
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.4%
CVE-2026-5039 MEDIUM PATCH This Month

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.

Authentication Bypass TP-Link
NVD
CVSS 4.0
6.1
EPSS
0.0%
CVE-2026-20709 MEDIUM This Month

Use of a default cryptographic key in Intel Pentium Processor Silver Series, Celeron Processor J Series, and Celeron Processor N Series hardware allows privilege escalation when a hardware reverse engineer with privileged user access performs a high-complexity physical attack with special internal knowledge. The vulnerability has a CVSS score of 5.8 with physical attack vector (AV:P) and high attack complexity (AC:H), requiring privileged access (PR:H) and special attack time requirements (AT:P). No public exploit code or active CISA KEV designation has been identified.

Privilege Escalation Red Hat Intel
NVD VulDB
CVSS 4.0
5.8
EPSS
0.0%
CVE-2026-2215 LOW Monitor

A vulnerability was detected in rachelos WeRSS we-mp-rss up to 1.4.8. This issue affects some unknown processing of the file core/auth.py of the component JWT Handler. Performing a manipulation of the argument SECRET_KEY results in use of default cryptographic key. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult...

Information Disclosure
NVD VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2026-25815 LOW Monitor

Fortinet FortiOS versions up to 7.6.6 contains a vulnerability that allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in t (CVSS 3.2).

Fortinet LDAP Fortigate
NVD
CVSS 3.1
3.2
EPSS
0.0%
CVE-2025-41744 CRITICAL Act Now

CVE-2025-41744 is a security vulnerability (CVSS 9.1) that allows an unprivileged remote attacker. Critical severity with potential for significant impact on affected systems.

Information Disclosure Sprecon E C Firmware Sprecon E P Firmware Sprecon E T3 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-41742 CRITICAL Act Now

CVE-2025-41742 is a security vulnerability (CVSS 9.8) that allows the attacker. Critical severity with potential for significant impact on affected systems.

Authentication Bypass Sprecon E C Firmware Sprecon E P Firmware Sprecon E T3 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-55049 CRITICAL This Week

Use of Default Cryptographic Key (CWE-1394). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-44954 CRITICAL This Week

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Ruckus Smartzone Firmware
NVD
CVSS 3.1
9.0
EPSS
0.1%
CVE-2025-1688 MEDIUM This Month

Milestone Systems has discovered a security vulnerability in Milestone XProtect installer that resets system configuration password after the upgrading from older versions using specific installers. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
5.5
EPSS
0.2%
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

The DTLS server in Erlang/OTP ssl initializes its cookie secret to a hardcoded empty binary on startup, making HMAC-based cookie computation deterministic and fully predictable to any network observer for the 0-to-15-second window before the first secret rotation. Any attacker who can observe a plaintext DTLS ClientHello during this window can forge valid cookies, bypassing the RFC 6347 §4.2.1 source address verification mechanism and enabling handshake amplification attacks with spoofed source IPs. No public exploit has been identified at time of analysis; vendor-released patches are available in OTP 29.0.3, 28.5.0.3, and 27.3.4.14.

Authentication Bypass Otp
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.

Authentication Bypass TP-Link
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Use of a default cryptographic key in Intel Pentium Processor Silver Series, Celeron Processor J Series, and Celeron Processor N Series hardware allows privilege escalation when a hardware reverse engineer with privileged user access performs a high-complexity physical attack with special internal knowledge. The vulnerability has a CVSS score of 5.8 with physical attack vector (AV:P) and high attack complexity (AC:H), requiring privileged access (PR:H) and special attack time requirements (AT:P). No public exploit code or active CISA KEV designation has been identified.

Privilege Escalation Red Hat Intel
NVD VulDB
EPSS 0% CVSS 2.9
LOW Monitor

A vulnerability was detected in rachelos WeRSS we-mp-rss up to 1.4.8. This issue affects some unknown processing of the file core/auth.py of the component JWT Handler. Performing a manipulation of the argument SECRET_KEY results in use of default cryptographic key. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult...

Information Disclosure
NVD VulDB
EPSS 0% CVSS 3.2
LOW Monitor

Fortinet FortiOS versions up to 7.6.6 contains a vulnerability that allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in t (CVSS 3.2).

Fortinet LDAP Fortigate
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

CVE-2025-41744 is a security vulnerability (CVSS 9.1) that allows an unprivileged remote attacker. Critical severity with potential for significant impact on affected systems.

Information Disclosure Sprecon E C Firmware Sprecon E P Firmware +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

CVE-2025-41742 is a security vulnerability (CVSS 9.8) that allows the attacker. Critical severity with potential for significant impact on affected systems.

Authentication Bypass Sprecon E C Firmware Sprecon E P Firmware +1
NVD
EPSS 0% CVSS 9.1
CRITICAL This Week

Use of Default Cryptographic Key (CWE-1394). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
EPSS 0% CVSS 9.0
CRITICAL This Week

RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Ruckus Smartzone Firmware
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Milestone Systems has discovered a security vulnerability in Milestone XProtect installer that resets system configuration password after the upgrading from older versions using specific installers. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy