cvedb.io
CVE-2016-9335
CRITICAL · CVSS 10
EPSS exploitation probability: 0%
Published 2018-05-09T13:29:00.247 · Last modified 2026-06-17T00:55:50.620

Summary

A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride-Managed Ethernet Switches running firmware Version 5.0.190. Vulnerable versions of Stride-Managed Ethernet switches and Sixnet-Managed Industrial switches use hard-coded HTTP SSL/SSH keys for secure communication. Because these keys cannot be regenerated by users, all products use the same key. The attacker could disrupt communication or compromise the system. CVSS v3 base score: 10, CVSS vector string: (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). Red Lion Controls recommends updating to SLX firmware Version 5.3.174.

Affected products

redlion — sixnet-managed_industrial_switches_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when redlion ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.