|2016-05-26||OTHER||Sixnet BT||Neil Smith||N/A||2016-4521||N/A||N/A||N/A|
# Sixnet BT Series Hard-coded Credentials Vulnerability
Independent researcher Neil Smith has identified a hard-coded credential vulnerability in Sixnet's BT series routers. Sixnet has produced patches and new firmware to mitigate this vulnerability.
This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.
### AFFECTED PRODUCTS
Sixnet reports that the vulnerability affects the following products:
Sixnet BT-5xxx and BT-6xxx series M2M cellular routers versions prior to 3.8.21.
An attacker could exploit the hard-coded factory password to gain full access to the affected device.
Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.
Sixnet is a US-based company owned by Red Lion Controls.
The affected products, Sixnet BT series routers, are used for providing high-speed, secure wireless connectivity to critical assets and devices at remote sites. According to Sixnet, the BT series routers are deployed across several sectors including Commercial Facilities, Energy, Financial Services, and Transportation Systems. Sixnet estimates that these products are used primarily in North America, Europe, and Asia.
### VULNERABILITY CHARACTERIZATION
# VULNERABILITY OVERVIEW
USE OF HARD-CODED CREDENTIALS
There are hard-coded factory accounts on these devices.
CVE-2016-4521 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
### VULNERABILITY DETAILS
This vulnerability could be exploited remotely.
# EXISTENCE OF EXPLOIT
Exploits that target this vulnerability are publicly available.
An attacker with a low skill would be able to exploit this vulnerability.
Sixnet has produced patches and new firmware (versions 3.8.21 or 3.9.8) to address this issue. Users are recommended to install the latest version. Firmware and release notes can be found on Sixnet's software and firmware page at the following location: