CWE-1394
AllowedUse of Default Cryptographic Key
Abstraction: Base · Status: Incomplete
The product uses a default cryptographic key for potentially critical functionality.
32 vulnerabilities reference this CWE, most recent first.
GHSA-697W-W949-FHM4
Vulnerability from github – Published: 2025-12-02 12:30 – Updated: 2025-12-02 12:30Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged remote attacker to access all encrypted communications, thereby compromising confidentiality and integrity.
{
"affected": [],
"aliases": [
"CVE-2025-41744"
],
"database_specific": {
"cwe_ids": [
"CWE-1394"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-02T11:15:51Z",
"severity": "CRITICAL"
},
"details": "Sprecher Automations SPRECON-E series\u00a0uses default cryptographic keys that allow an unprivileged remote attacker to access all encrypted communications, thereby compromising confidentiality and integrity.",
"id": "GHSA-697w-w949-fhm4",
"modified": "2025-12-02T12:30:28Z",
"published": "2025-12-02T12:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41744"
},
{
"type": "WEB",
"url": "https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/SPR-2511043_de.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6CJP-89M2-82W2
Vulnerability from github – Published: 2024-11-22 21:32 – Updated: 2024-11-22 21:32A vulnerability, which was classified as problematic, has been found in macrozheng mall up to 1.0.3. Affected by this issue is some unknown functionality of the component JWT Token Handler. The manipulation leads to use of default cryptographic key. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. Instead the issue posted on GitHub got deleted without any explanation.
{
"affected": [],
"aliases": [
"CVE-2024-11619"
],
"database_specific": {
"cwe_ids": [
"CWE-1394"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-22T21:15:17Z",
"severity": "LOW"
},
"details": "A vulnerability, which was classified as problematic, has been found in macrozheng mall up to 1.0.3. Affected by this issue is some unknown functionality of the component JWT Token Handler. The manipulation leads to use of default cryptographic key. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. Instead the issue posted on GitHub got deleted without any explanation.",
"id": "GHSA-6cjp-89m2-82w2",
"modified": "2024-11-22T21:32:18Z",
"published": "2024-11-22T21:32:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11619"
},
{
"type": "WEB",
"url": "https://github.com/macrozheng/mall/issues/880"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.285842"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.285842"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.444666"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-83MR-XXCJ-W7X3
Vulnerability from github – Published: 2025-09-09 21:30 – Updated: 2025-09-09 21:30Use of Default Cryptographic Key (CWE-1394)
{
"affected": [],
"aliases": [
"CVE-2025-55049"
],
"database_specific": {
"cwe_ids": [
"CWE-1394"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-09T19:15:53Z",
"severity": "CRITICAL"
},
"details": "Use of Default Cryptographic Key (CWE-1394)",
"id": "GHSA-83mr-xxcj-w7x3",
"modified": "2025-09-09T21:30:27Z",
"published": "2025-09-09T21:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55049"
},
{
"type": "WEB",
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-867W-FFWP-RH44
Vulnerability from github – Published: 2026-02-06 00:30 – Updated: 2026-02-06 00:30Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 (by default, the encryption key is the same across all customers' installations). NOTE: the Supplier's position is that the instance of CWE-1394 is not a vulnerability because customers "are supposed to enable" a non-default option that eliminates the weakness. However, that non-default option can disrupt functionality as shown in the "Managing FortiGates with private data encryption" document, and is therefore intentionally not a default option.
{
"affected": [],
"aliases": [
"CVE-2026-25815"
],
"database_specific": {
"cwe_ids": [
"CWE-1394"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-05T22:15:54Z",
"severity": "LOW"
},
"details": "Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 (by default, the encryption key is the same across all customers\u0027 installations). NOTE: the Supplier\u0027s position is that the instance of CWE-1394 is not a vulnerability because customers \"are supposed to enable\" a non-default option that eliminates the weakness. However, that non-default option can disrupt functionality as shown in the \"Managing FortiGates with private data encryption\" document, and is therefore intentionally not a default option.",
"id": "GHSA-867w-ffwp-rh44",
"modified": "2026-02-06T00:30:26Z",
"published": "2026-02-06T00:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25815"
},
{
"type": "WEB",
"url": "https://docs.fortinet.com/document/fortimanager/7.6.6/administration-guide/30332/managing-fortigates-with-private-data-encryption"
},
{
"type": "WEB",
"url": "https://www.cert.at/en/blog/2026/1/threat-actors-use-forticloud-to-collect-ldap-connection-passwords"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CH3R-QC65-HPFH
Vulnerability from github – Published: 2024-11-04 03:30 – Updated: 2024-11-04 03:30A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument defaultRealmKey leads to use of default cryptographic key. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2024-10748"
],
"database_specific": {
"cwe_ids": [
"CWE-1394",
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-04T01:15:03Z",
"severity": "LOW"
},
"details": "A vulnerability, which was classified as problematic, has been found in Cosmote Greece What\u0027s Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument defaultRealmKey leads to use of default cryptographic key. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-ch3r-qc65-hpfh",
"modified": "2024-11-04T03:30:39Z",
"published": "2024-11-04T03:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10748"
},
{
"type": "WEB",
"url": "https://github.com/secuserx/CVE/blob/main/%5BHardcoded%20Realm%20Database%20Encryption%20Key%5D%20found%20in%20What\u0027s%20UP%20Android%20App%204.47.3%20-%20(RealmDB.java).md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.282917"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.282917"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.432429"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-F7MQ-68Q8-XQV6
Vulnerability from github – Published: 2026-04-23 18:33 – Updated: 2026-05-05 15:31TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.
{
"affected": [],
"aliases": [
"CVE-2026-5039"
],
"database_specific": {
"cwe_ids": [
"CWE-1394"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-23T18:16:30Z",
"severity": "MODERATE"
},
"details": "TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.",
"id": "GHSA-f7mq-68q8-xqv6",
"modified": "2026-05-05T15:31:34Z",
"published": "2026-04-23T18:33:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5039"
},
{
"type": "WEB",
"url": "https://www.tp-link.com/us/support/download/tl-wr841n/v13/#Firmware"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QX6M-HH7F-72HF
Vulnerability from github – Published: 2025-12-02 12:30 – Updated: 2025-12-02 12:30Sprecher Automations SPRECON-E-C, SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an unauthorized remote attacker via default cryptographic keys. The use of these keys allows the attacker to read, modify, and write projects and data, or to access any device via remote maintenance.
{
"affected": [],
"aliases": [
"CVE-2025-41742"
],
"database_specific": {
"cwe_ids": [
"CWE-1394"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-02T11:15:51Z",
"severity": "CRITICAL"
},
"details": "Sprecher Automations SPRECON-E-C, \u00a0SPRECON-E-P, SPRECON-E-T3\u00a0is vulnerable to attack by an unauthorized remote attacker via default cryptographic keys. The use of these keys allows the attacker to read, modify, and write projects and data, or to access any device via remote maintenance.",
"id": "GHSA-qx6m-hh7f-72hf",
"modified": "2025-12-02T12:30:28Z",
"published": "2025-12-02T12:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41742"
},
{
"type": "WEB",
"url": "https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/SPR-2511042_de.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RGWP-J8MQ-FHC5
Vulnerability from github – Published: 2025-03-04 09:30 – Updated: 2025-03-04 09:30There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and earlier and later versions.
{
"affected": [],
"aliases": [
"CVE-2025-26849"
],
"database_specific": {
"cwe_ids": [
"CWE-1394"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-04T09:15:10Z",
"severity": "MODERATE"
},
"details": "There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and earlier and later versions.",
"id": "GHSA-rgwp-j8mq-fhc5",
"modified": "2025-03-04T09:30:40Z",
"published": "2025-03-04T09:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26849"
},
{
"type": "WEB",
"url": "https://docs.docusnap.com/en/release-notes/changelog"
},
{
"type": "WEB",
"url": "https://www.redteam-pentesting.de/en/advisories/rt-sa-2024-012"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VFXW-PRHR-FVHH
Vulnerability from github – Published: 2026-04-08 21:33 – Updated: 2026-04-08 21:33Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via physical access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (none) impacts.
{
"affected": [],
"aliases": [
"CVE-2026-20709"
],
"database_specific": {
"cwe_ids": [
"CWE-1394"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-08T19:25:12Z",
"severity": "MODERATE"
},
"details": "Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via physical access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (none) impacts.",
"id": "GHSA-vfxw-prhr-fvhh",
"modified": "2026-04-08T21:33:32Z",
"published": "2026-04-08T21:33:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20709"
},
{
"type": "WEB",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00609.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-W92R-FPR6-76RV
Vulnerability from github – Published: 2024-12-09 21:31 – Updated: 2024-12-11 18:30Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint resulting in remote code execution.
{
"affected": [],
"aliases": [
"CVE-2024-48956"
],
"database_specific": {
"cwe_ids": [
"CWE-120",
"CWE-1394"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-09T19:15:13Z",
"severity": "CRITICAL"
},
"details": "Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint resulting in remote code execution.",
"id": "GHSA-w92r-fpr6-76rv",
"modified": "2024-12-11T18:30:41Z",
"published": "2024-12-09T21:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48956"
},
{
"type": "WEB",
"url": "https://security.serviceware-se.com/CVE-2024-48956"
},
{
"type": "WEB",
"url": "https://serviceware-se.com/platform/serviceware-processes"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Prohibit use of default, hard-coded, or other values that do not vary for each installation of the product - especially for separate organizations.
Mitigation
Force the administrator to change the credential upon installation.
Mitigation
The product administrator could change the defaults upon installation or during operation.
No CAPEC attack patterns related to this CWE.