CVE-2024-54855
Static SSH Key Exposure in Vanilla OS 2 Enables MITM Attacks
Publication date: 2026-01-13
Last updated on: 2026-02-10
Assigner: MITRE
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fabricators | vanilla_os_core_image | to 1.1.1 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-321 | The product uses a hard-coded, unchangeable cryptographic key. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves static SSH host keys embedded in Vanilla OS core-image versions prior to v1.1.1. Because these keys are hard-coded and identical across all installations, an attacker with some privileges can extract the private SSH host keys (for example, from a Docker container running the vulnerable image). This allows the attacker to perform man-in-the-middle (MITM) attacks during SSH connections by impersonating the target server, intercepting communications, and potentially executing arbitrary commands on the compromised host. [2]
How can this vulnerability impact me?
The vulnerability can lead to unauthorized data access through man-in-the-middle attacks on SSH connections, allowing attackers to intercept sensitive information. It also poses risks of service disruption and limited data modification. Attackers can impersonate servers, intercept SSH sessions without detection, and execute arbitrary commands, potentially compromising system integrity and availability. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if your Vanilla OS core-image version is prior to v1.1.1, as those versions contain static SSH host keys. To verify if the SSH host keys are static or reused, you can compare the SSH host key fingerprints across multiple installations. Commands such as 'ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub' can be used to list the fingerprint of the SSH host key. If multiple systems show identical fingerprints, it indicates the presence of static keys and vulnerability to MITM attacks. [2]
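The fingerprint comparison described above, as an added example (not code from the advisory or from Vanilla OS): it computes the SHA256 fingerprint that `ssh-keygen -lf` prints from each collected `ssh_host_*_key.pub` line and reports any fingerprint shared by more than one host. The host names and key bytes are constructed sample data.

```python
import base64
import hashlib
import struct
from collections import defaultdict


def fingerprint(pub_line: str) -> str:
    """Return the SHA256 fingerprint in the form ssh-keygen -lf prints."""
    key_type, b64_blob = pub_line.split()[:2]
    blob = base64.b64decode(b64_blob, validate=True)
    # The blob starts with a length-prefixed copy of the key type.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != key_type:
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def shared_host_keys(inventory):
    """Map fingerprint -> sorted hosts, for fingerprints seen on 2+ hosts."""
    seen = defaultdict(set)
    for host, pub_line in inventory:
        seen[fingerprint(pub_line)].add(host)
    return {fp: sorted(hosts) for fp, hosts in seen.items() if len(hosts) > 1}


def _sample_key(seed: bytes) -> str:
    """Build a constructed ssh-ed25519 public key line (not a real host key)."""
    name = b"ssh-ed25519"
    raw = hashlib.sha256(seed).digest()  # 32 placeholder key bytes
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw)) + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " root@sample"


# Constructed inventory: host-a and host-b were deployed from the same image,
# host-c had its host keys regenerated.
INVENTORY = [
    ("host-a", _sample_key(b"image-key")),
    ("host-b", _sample_key(b"image-key")),
    ("host-c", _sample_key(b"regenerated")),
]

if __name__ == "__main__":
    for fp, hosts in shared_host_keys(INVENTORY).items():
        print(f"{fp} shared by {', '.join(hosts)}")
```

Feed it one `(host, public key line)` pair per host key file collected from your systems; an empty result means no two hosts present the same host key.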
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the Vanilla OS core-image to version v1.1.1 or later, where unique SSH host keys are generated per installation. If upgrading is not immediately possible, regenerate the SSH host keys manually on each affected system to replace the static keys and prevent reuse. This will mitigate the risk of man-in-the-middle attacks caused by the static keys. [2]