CWE-321
AllowedUse of Hard-coded Cryptographic Key
Abstraction: Variant · Status: Draft
The product uses a hard-coded, unchangeable cryptographic key.
503 vulnerabilities reference this CWE, most recent first.
GHSA-2F3F-XHH3-HQGG
Vulnerability from github – Published: 2025-07-03 18:31 – Updated: 2025-07-03 18:31Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE.
When the REST interface is enabled by the user, and an attacker gains access to source code and control network, the attacker can bypass the REST interface authentication and gain access to MQTT configuration data.
This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.
{
"affected": [],
"aliases": [
"CVE-2025-6074"
],
"database_specific": {
"cwe_ids": [
"CWE-321"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-03T17:15:40Z",
"severity": "MODERATE"
},
"details": "Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE.\n\n\n\nWhen the REST interface is enabled by the user, and an attacker gains access to\nsource code and control network, the attacker can bypass the REST interface authentication and gain access to MQTT configuration data.\n\n\nThis issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.",
"id": "GHSA-2f3f-xhh3-hqgg",
"modified": "2025-07-03T18:31:29Z",
"published": "2025-07-03T18:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6074"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A3623\u0026LanguageCode=en\u0026DocumentPartId=PDF\u0026Action=Launch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-2HH7-5899-HFPG
Vulnerability from github – Published: 2025-09-05 18:31 – Updated: 2025-09-05 18:31ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived.
{
"affected": [],
"aliases": [
"CVE-2025-30198"
],
"database_specific": {
"cwe_ids": [
"CWE-321",
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-05T18:15:39Z",
"severity": "LOW"
},
"details": "ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived.",
"id": "GHSA-2hh7-5899-hfpg",
"modified": "2025-09-05T18:31:25Z",
"published": "2025-09-05T18:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30198"
},
{
"type": "WEB",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-135-19.json"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-19"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30198"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-2HXQ-HQP9-W42P
Vulnerability from github – Published: 2021-12-28 00:00 – Updated: 2022-01-13 00:01The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.
{
"affected": [],
"aliases": [
"CVE-2021-43552"
],
"database_specific": {
"cwe_ids": [
"CWE-321"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-27T19:15:00Z",
"severity": "MODERATE"
},
"details": "The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.",
"id": "GHSA-2hxq-hqp9-w42p",
"modified": "2022-01-13T00:01:57Z",
"published": "2021-12-28T00:00:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43552"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-2M95-FCM7-GQW8
Vulnerability from github – Published: 2022-07-29 00:00 – Updated: 2025-04-17 18:31Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key.
{
"affected": [],
"aliases": [
"CVE-2021-22644"
],
"database_specific": {
"cwe_ids": [
"CWE-321",
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-28T15:15:00Z",
"severity": "CRITICAL"
},
"details": "Ovarro TBox TWinSoft uses the custom hardcoded user \u201cTWinSoft\u201d with a hardcoded key.",
"id": "GHSA-2m95-fcm7-gqw8",
"modified": "2025-04-17T18:31:01Z",
"published": "2022-07-29T00:00:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22644"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2PFW-VJ6X-2W7X
Vulnerability from github – Published: 2022-11-25 00:30 – Updated: 2022-11-28 21:30Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions allows a remote unauthenticated attacker to disclose sensitive information . As a result, unauthorized users may view or execute programs illegally.
{
"affected": [],
"aliases": [
"CVE-2022-29829"
],
"database_specific": {
"cwe_ids": [
"CWE-321",
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-25T00:15:00Z",
"severity": "HIGH"
},
"details": "Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions allows a remote unauthenticated attacker to disclose sensitive information . As a result, unauthorized users may view or execute programs illegally.",
"id": "GHSA-2pfw-vj6x-2w7x",
"modified": "2022-11-28T21:30:22Z",
"published": "2022-11-25T00:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29829"
},
{
"type": "WEB",
"url": "https://jvn.jp/vu/JVNVU97244961/index.html"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05"
},
{
"type": "WEB",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2Q3H-PXC2-8GQG
Vulnerability from github – Published: 2025-01-14 15:30 – Updated: 2025-01-14 15:30A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests.
{
"affected": [],
"aliases": [
"CVE-2023-37936"
],
"database_specific": {
"cwe_ids": [
"CWE-321",
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T14:15:26Z",
"severity": "CRITICAL"
},
"details": "A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests.",
"id": "GHSA-2q3h-pxc2-8gqg",
"modified": "2025-01-14T15:30:52Z",
"published": "2025-01-14T15:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37936"
},
{
"type": "WEB",
"url": "https://fortiguard.com/psirt/FG-IR-23-260"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2VJW-W57F-JMF6
Vulnerability from github – Published: 2025-10-09 21:31 – Updated: 2025-10-09 21:31Newforma Info Exchange (NIX) uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shared across NIX installations. NIX 2023.3 and 2024.1 limit the use of hard-coded keys.
{
"affected": [],
"aliases": [
"CVE-2025-35052"
],
"database_specific": {
"cwe_ids": [
"CWE-321"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-09T21:15:36Z",
"severity": "MODERATE"
},
"details": "Newforma Info Exchange (NIX) uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the \u0027qs\u0027 parameter used in \u0027/DownloadWeb/download.aspx\u0027. This key is shared across NIX installations. NIX 2023.3 and 2024.1 limit the use of hard-coded keys.",
"id": "GHSA-2vjw-w57f-jmf6",
"modified": "2025-10-09T21:31:11Z",
"published": "2025-10-09T21:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35052"
},
{
"type": "WEB",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-282-01.json"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35052"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-2VQX-5P37-QQ4W
Vulnerability from github – Published: 2025-07-25 18:30 – Updated: 2025-07-25 21:33An issue in Gardyn 4 allows a remote attacker with the corresponding ssh private key can gain remote root access to affected devices
{
"affected": [],
"aliases": [
"CVE-2025-29630"
],
"database_specific": {
"cwe_ids": [
"CWE-284",
"CWE-321"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-25T17:15:31Z",
"severity": "HIGH"
},
"details": "An issue in Gardyn 4 allows a remote attacker with the corresponding ssh private key can gain remote root access to affected devices",
"id": "GHSA-2vqx-5p37-qq4w",
"modified": "2025-07-25T21:33:49Z",
"published": "2025-07-25T18:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29630"
},
{
"type": "WEB",
"url": "https://github.com/mselbrede/gardyn/blob/main/CVE-2025-29630.md"
},
{
"type": "WEB",
"url": "http://gardyn.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2W2H-4FP7-2GQ3
Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2022-05-24 16:45A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
{
"affected": [],
"aliases": [
"CVE-2019-10920"
],
"database_specific": {
"cwe_ids": [
"CWE-321",
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-14T20:29:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.",
"id": "GHSA-2w2h-4fp7-2gq3",
"modified": "2022-05-24T16:45:38Z",
"published": "2022-05-24T16:45:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10920"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/May/72"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/153122/Siemens-LOGO-8-Hard-Coded-Cryptographic-Key.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2019/May/44"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108382"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-32CC-X95P-FXCG
Vulnerability from github – Published: 2026-02-05 00:36 – Updated: 2026-02-10 02:56Description
An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is enabled, but the administrator JWT secret is not configured. This issue has been patched in FUXA version 1.2.10.
Impact
The FUXA documentation allows administrators to manually update a hardcoded JWT secret when enabling authentication. This feature was not available in the UI. This results in a fail-open security posture, where the application can report or appear to be operating in secureEnabled mode while still accepting tokens signed with a publicly known key.
Exploitation allows an unauthenticated, remote attacker to forge JWTs to bypass all authentication mechanisms and obtain administrative access to the FUXA instance. With these elevated privileges, the attacker can interact with administrative APIs, including intended features designed for automation and scripting, to execute arbitrary code in the context of the FUXA service. Depending on deployment configuration and permissions, this may lead to full system compromise and could further expose connected ICS/SCADA environments to follow-on actions.
Patches
This issue has been patched in FUXA version 1.2.10. Users are strongly encouraged to update to the latest available release.
Notes
GitHub stated this vulnerability is identical to CVE-2025-69971, which was published against the repository out of band before coordinated disclosure concluded. CVE-2025-69971 is directionally correct, but the description is inaccurate. Please refer to this advisory for the proper description and affected versions.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.2.9"
},
"package": {
"ecosystem": "npm",
"name": "fuxa-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-25894"
],
"database_specific": {
"cwe_ids": [
"CWE-1188",
"CWE-321"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-05T00:36:30Z",
"nvd_published_at": "2026-02-09T23:16:05Z",
"severity": "CRITICAL"
},
"details": "### Description\nAn insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is enabled, but the administrator JWT secret is not configured. This issue has been patched in FUXA version 1.2.10.\n\n### Impact\nThe FUXA documentation allows administrators to manually update a hardcoded JWT secret when enabling authentication. This feature was not available in the UI. This results in a fail-open security posture, where the application can report or appear to be operating in `secureEnabled` mode while still accepting tokens signed with a publicly known key.\n\nExploitation allows an unauthenticated, remote attacker to forge JWTs to bypass all authentication mechanisms and obtain administrative access to the FUXA instance. With these elevated privileges, the attacker can interact with administrative APIs, including intended features designed for automation and scripting, to execute arbitrary code in the context of the FUXA service. Depending on deployment configuration and permissions, this may lead to full system compromise and could further expose connected ICS/SCADA environments to follow-on actions.\n\n### Patches\nThis issue has been patched in FUXA version 1.2.10. Users are strongly encouraged to update to the latest available release.\n\n### Notes\nGitHub stated this vulnerability is identical to CVE-2025-69971, which was published against the repository out of band before coordinated disclosure concluded. CVE-2025-69971 is directionally correct, but the description is inaccurate. Please refer to this advisory for the proper description and affected versions.",
"id": "GHSA-32cc-x95p-fxcg",
"modified": "2026-02-10T02:56:48Z",
"published": "2026-02-05T00:36:30Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/frangoteam/FUXA/security/advisories/GHSA-32cc-x95p-fxcg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25894"
},
{
"type": "WEB",
"url": "https://github.com/frangoteam/FUXA/commit/ea7b3df066f9fdef8ecdce318398ae40546bc50d"
},
{
"type": "PACKAGE",
"url": "https://github.com/frangoteam/FUXA"
},
{
"type": "WEB",
"url": "https://github.com/frangoteam/FUXA/releases/tag/v1.2.10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"type": "CVSS_V4"
}
],
"summary": "FUXA Unauthenticated Remote Code Execution via Hardcoded JWT Secret in Default Configuration"
}
Mitigation
Prevention schemes mirror that of hard-coded password storage.
No CAPEC attack patterns related to this CWE.