What is CVE-2018-16158?

CVE-2018-16158 is a vulnerability in N/a. Published 2018-08-30.

Is CVE-2018-16158 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-16158

Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to pe…

EPSS: 0.700 (98.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

www.ctrlu.net/vuln/0006.html (x_refsource_MISC)
www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bu… (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-16158?: CVE-2018-16158 is a vulnerability in N/a. Published 2018-08-30.
Is CVE-2018-16158 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.