
Millions of embedded devices use non-unique X.509 certificates and SSH host keys

11/25/2015
SEC Consult researchers have found that millions of embedded devices reachable from the Internet use identical X.509 certificates and SSH host keys. The data were obtained by analyzing the firmware of more than 4000 embedded devices from over 70 vendors. Most devices are affected because certificates and keys are reused across the product lines of individual vendors. However, there are also cases where the same certificate and key are used by multiple vendors. In those cases, the likely cause is firmware built on a common SDK, or OEM devices running ISP-provided firmware. Because the private key is the same on every device that shares the certificate or host key, anyone who extracts it from one firmware image can impersonate any of them; the vulnerability therefore enables spoofing attacks, man-in-the-middle attacks, or passive decryption of traffic.
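The defensive check that follows from this finding is to fingerprint the SSH host keys and TLS certificates across a device inventory and flag any fingerprint that appears on more than one host. The script below is an added example written for this page, not SEC Consult's tooling or any vendor's code. It uses only the Python standard library: SSH fingerprints are computed the way `ssh-keygen -lf` reports them (SHA256 over the decoded wire blob, base64 without padding), and certificate fingerprints the way `openssl x509 -fingerprint -sha256` reports them (SHA256 over the DER bytes). The host names, the ed25519 key blobs and the PEM bodies in the sample inventory are constructed stand-ins, not real keys or certificates; in practice the inventory would be fed from `ssh-keyscan` output and from certificates collected by a TLS scanner.

```python
import base64
import hashlib
import struct
from collections import defaultdict


def ssh_pubkey_fingerprint(key_line: str) -> str:
    """OpenSSH-style SHA256 fingerprint of a '<type> <base64-blob> [comment]'
    line, as produced by `ssh-keyscan` and printed by `ssh-keygen -lf`."""
    parts = key_line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64-blob> [comment]'")
    blob = base64.b64decode(parts[1])
    # The wire blob begins with the key type as a length-prefixed string;
    # a mismatch with the declared type means the line is malformed.
    (type_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + type_len].decode("ascii", "replace") != parts[0]:
        raise ValueError("declared key type does not match wire blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def pem_cert_fingerprint(pem: str) -> str:
    """SHA256 fingerprint over the DER bytes of a PEM certificate, formatted
    as colon-separated upper-case hex like `openssl x509 -fingerprint`."""
    body = "".join(
        line.strip() for line in pem.strip().splitlines()
        if not line.startswith("-----")
    )
    der = base64.b64decode(body)
    return ":".join(f"{b:02X}" for b in hashlib.sha256(der).digest())


def find_shared_keys(inventory):
    """inventory: iterable of (host, material) where material is either an
    SSH public key line or a PEM certificate. Returns a dict mapping each
    fingerprint seen on more than one host to the sorted list of those hosts."""
    hosts_by_fp = defaultdict(set)
    for host, material in inventory:
        if "-----BEGIN CERTIFICATE-----" in material:
            fp = pem_cert_fingerprint(material)
        else:
            fp = ssh_pubkey_fingerprint(material)
        hosts_by_fp[fp].add(host)
    return {fp: sorted(h) for fp, h in hosts_by_fp.items() if len(h) > 1}


# --- constructed sample data (placeholders, not real key material) ---------

def _constructed_ed25519_line(seed: bytes) -> str:
    """Build a syntactically valid ssh-ed25519 public key line whose 32 key
    bytes are derived from `seed`. The same seed yields the same 'host key',
    which is exactly the condition the inventory check is meant to catch."""
    pub = hashlib.sha256(seed).digest()            # 32 placeholder bytes
    blob = (struct.pack(">I", 11) + b"ssh-ed25519"
            + struct.pack(">I", 32) + pub)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " placeholder"


def _constructed_pem(seed: bytes) -> str:
    """Wrap placeholder bytes in PEM armour. The body is NOT a real DER
    certificate; it only stands in for one so the fingerprinting path runs."""
    fake_der = hashlib.sha256(seed).digest() * 2   # 64 placeholder bytes
    b64 = base64.b64encode(fake_der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN CERTIFICATE-----\n" + "\n".join(lines) \
        + "\n-----END CERTIFICATE-----\n"


SAMPLE_INVENTORY = [
    ("gw-01",  _constructed_ed25519_line(b"vendor-A-sdk-default")),
    ("gw-02",  _constructed_ed25519_line(b"vendor-A-sdk-default")),  # same key as gw-01
    ("gw-03",  _constructed_ed25519_line(b"generated-at-first-boot")),
    ("cam-01", _constructed_pem(b"oem-firmware-cert")),
    ("cam-02", _constructed_pem(b"oem-firmware-cert")),              # same cert as cam-01
]


if __name__ == "__main__":
    for fp, hosts in find_shared_keys(SAMPLE_INVENTORY).items():
        print(f"{fp} shared by {len(hosts)} hosts: {', '.join(hosts)}")
```

Only fingerprints that appear on two or more hosts are reported, so a device that generated its own key at first boot (gw-03 above) is silent. A match on the SSH side means the private host key is present in every listed device's firmware; a match on the certificate side means the same, and additionally that the certificate's subject cannot be specific to any one device.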