Digital Alert Systems and Monroe Electronics EAS Firmware Security Advisory

["US-CERT" <US-CERT () public govdelivery com>]

US Computer Emergency Readiness Team banner graphic

National Cyber Awareness System:

Digital Alert Systems and Monroe Electronics EAS Firmware Security Advisory [ 
https://www.us-cert.gov/ncas/current-activity/2013/06/26/Digital-Alert-Systems-and-Monroe-Electronics-EAS-Firmware-Security
 ] 06/26/2013 04:25 PM EDT 
Original release date: June 26, 2013

Digital Alert Systems' DASDEC [ http://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdf ] and Monroe 
Electronics' One-Net E189 [ http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdf ] 
Emergency Alert System (EAS) encoder/decoder (ENDEC) devices exposed a shared private root SSH key in publicly 
available firmware images. Additional information is also available in CERT Vulnerability Note VU#662676 [ 
http://www.kb.cert.org/vuls/id/662676 ].

US-CERT recommends that users and administrators review the  CERT Vulnerability Note VU#662676 [ 
http://www.kb.cert.org/vuls/id/662676 ] and apply one or more of the recommended solutions.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

________________________________________________________________________

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ] 

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]