VYPR
Low severity3.8NVD Advisory· Published Mar 5, 2024· Updated Apr 15, 2026

CVE-2023-42419

CVE-2023-42419

Description

Maintenance Server, in Cybellum's QCOW air-gapped distribution (China Edition), versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key.

An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the server. The issue was resolved in version 2.28. Earlier versions, including all Cybellum 1.x versions, and distributions for the rest of the world remain unaffected.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.