CVE-2025-57601
BaseFortify
Publication date: 2025-09-22
Last updated on: 2025-09-23
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aikaan | cloud_controller | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the AiKaan Cloud Controller using a single hardcoded SSH private key and the username 'proxyuser' for remote terminal access to all managed IoT/edge devices. When an administrator opens a remote terminal from the dashboard, the controller sends the same static private key to the target device, which uses it to establish a reverse SSH tunnel to a remote access server. Because the same key and account are reused across all customer environments, if an attacker obtains this key, they can impersonate any managed device and establish unauthorized reverse SSH tunnels, allowing them to interact with devices without the owner's consent. This is a design flaw where compromising one key compromises the entire trust boundary between the controller and devices.
How can this vulnerability impact me? :
If an attacker obtains the hardcoded SSH private key, they can impersonate any managed IoT/edge device, establish unauthorized reverse SSH tunnels, and interact with devices without the owner's consent. This could lead to unauthorized access, control, and potential manipulation of devices, resulting in security breaches, data theft, or disruption of device operations.