Openpilot SSH Key security bypass

August 24, 2021

Openpilot could allow a remote attacker to bypass security restrictions, caused by the use of a default SSH key. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to the SSH servers with the default key.

Summary:

Openpilot could allow a remote attacker to bypass security restrictions, caused by the use of a default SSH key. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to the SSH servers with the default key.

PoC Links(if available):

Packet Storm Security [12-31-2020]
https://packetstormsecurity.com/files/160735

Known Counter Measures:

No remedy available as of December 31, 2020.

Consequences

Bypass Security

You may have missed

CISA Logo

CISA: JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage

November 25, 2024
CISA Logo

CISA: CISA Releases Four Industrial Control Systems Advisories

November 25, 2024
CISA Logo

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

November 25, 2024
CISA Logo

CISA: CISA Releases Three Industrial Control Systems Advisories

November 25, 2024
CISA Logo

CISA: Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

November 25, 2024