CVE-2019-19753 — Vulnetix

Try Vulnetix Request Demo

CVE-2019-19753 PUBLISHED CVSS 9.100000381469727 CRITICAL

SimpleMiningOS through v1259 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: the vendor indicated that they have no plans to fix this, and discourage deployment using public IPv4.

EPSS 0.16% · 37.1th percentile

Risk Scores

CVSS v3.1

9.100000381469727

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

EPSS Score

0.16%

37.1th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a, n/a
stupidthings.net	simpleminingos	0, 0

Timeline

Apr 10, 2020 VulnCheck KEV Exploitation
Apr 30, 2024 CVE Published
May 1, 2024 EPSS Score
May 25, 2024 EPSS Score
Jun 18, 2024 EPSS Score
Jul 12, 2024 EPSS Score
Aug 4, 2024 EPSS Score
Aug 5, 2024 CVE Updated
Aug 28, 2024 EPSS Score
Sep 21, 2024 EPSS Score
Oct 15, 2024 EPSS Score
Nov 8, 2024 EPSS Score

References

Open in Interactive Console →