The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running and is configured with a hard-coded credentials
Description
The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. The server is configured to use password only authentication not cryptographic keys, however the firmware image contains an RSA host-key for the server. An attacker can exploit this vulnerability to gain root access to the Angstrom Linux operating system and modify any binaries or configuration files in the firmware. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Auto-Maskin DCU 210E firmware (versions prior to 3.7) includes a hard-coded root SSH credential, allowing remote unauthenticated attackers full root access.
Vulnerability
The Auto-Maskin DCU 210E and RP 210E firmware versions prior to 3.7 on ARMv7 contain an undocumented Dropbear SSH server (v2015.55) listening on port 22 while the device is running [1][2]. The server is configured with a hard-coded username and password combination of root / amroot and uses password-only authentication (no cryptographic keys) [1]. The hard-coded credential is present in the firmware image, and the password is easily susceptible to cracking [2].
Exploitation
An attacker can exploit this vulnerability remotely without any authentication or prior access, as the Dropbear server is exposed on port 22 [1]. The attacker only needs network connectivity to the device and can use any SSH client to connect with the hard-coded credentials root and amroot [1][2]. No user interaction or additional privileges are required; the SSH server is active by default [1].
Impact
Successful exploitation grants the attacker root access to the Angstrom Linux operating system running on the device [1][2]. With root privileges, the attacker can modify any binaries, configuration files, or system settings in the firmware, potentially leading to full compromise of the device and the ability to manipulate monitored engine controls [1][2]. The scope of the compromise includes both read and write access to critical system files [1].
Mitigation
According to CISA advisory ICSA-20-051-04, the affected versions are RP210E and DCU210E versions 3.7 and prior [1]. At the time of the CERT/CC vulnerability note (2018-10-06), no update was available to address these vulnerabilities [2]. Users are encouraged to contact Auto-Maskin for fixed firmware releases. As a workaround, these critical control devices should only be deployed on private, carefully secured networks with restricted access [1][2]. No KEV listing is present at the time of writing.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Range: < 3.7
- Auto-Maskin/DCU-210Ev5Range: 3.7
- Auto-Maskin/RP-210Ev5Range: 3.7
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.kb.cert.org/vuls/id/176301mitrethird-party-advisoryx_refsource_CERT-VN
- www.us-cert.gov/ics/advisories/icsa-20-051-04mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.